CVE-2015-0636

Published Mar 26, 2015

Last updated 2 months ago

CVSS info 7.8

Overview

Description: The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (disrupted domain access) via spoofed AN messages that reset a finite state machine, aka Bug ID CSCup62293.
Source: psirt@cisco.com
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B74B72D9-AB41-4D98-BEF5-3CA37F68F645"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5E6FF1A-D90D-412A-8159-E766DC14FA57"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84E6DEE6-50EF-4333-B0B9-964A633734D1"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D83A5AC0-C583-4B2E-8F08-989B3EF3F4EF"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B54EA665-1017-4EC1-9522-420F67CD4D8E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.13s.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28303ADA-1B8E-42F6-9CD1-A457D863727B"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)ird1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACA00878-FA42-4234-B3CD-F2F07F7CE9EA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)ire3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B785F54A-DD27-4422-8F25-0A6EB3E36EEA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi4b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95470E1A-2FEC-41DA-8259-EE4F890A32B5"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2\\(44\\)sq1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "742DA70E-6FF9-451D-9E62-F81EFB0BEB6C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jam1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30FFBD57-E751-42C8-AE89-CD2073F45688"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jap1m:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4D3B067-46F9-460B-A3EB-7FCA3DDA7E3E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jaz1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81CA75FF-8C2E-4D9C-BE57-34EF801C28D5"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ed1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5D3C419-D1FF-45E8-A5B1-AFFC59567478"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)ex:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E92C269-3C17-4C9D-970F-E9C8EE709ADA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E15A69BF-50B6-42BE-9F44-7A7EBA28CC6D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(2\\)s2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B7E5969-E55B-4EBF-ADDE-8A969174E03D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1n:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49DAE7DA-E0D3-4434-AD75-C8894D939A83"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jab1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBEF7B94-3510-48FA-B783-1BF1C23C2C0C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32E6CCE7-88BB-4F4F-9253-EC67B5076767"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BC3CD43-F30A-484B-9285-D925C1262212"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "237D305E-016D-4E84-827C-44D04E3E0999"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E993A32E-D2AF-4519-B4C9-7F576649D20F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7260A66D-D477-440E-9A87-C05F9BD9E67C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31059ED1-4D82-43D7-8EF7-042125289CF1"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4151B2B1-B17F-4F1D-A211-34C7DB84E442"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37B550C9-B2E4-44EE-8E0B-54D150C69A0F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEBBA614-74E7-43C7-8D33-ADF4BD79D477"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C63FF7C4-D9CE-4D6C-B36E-0C0DC06F453E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References