fkie_cve-2015-0638
Vulnerability from fkie_nvd
Published
2015-03-26 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is configured, allows remote attackers to cause a denial of service (interface queue wedge) via crafted ICMPv4 packets, aka Bug ID CSCsi02145.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedgeVendor Advisory
psirt@cisco.comhttp://www.securitytracker.com/id/1031983
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedgeVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031983
Impacted products
Vendor Product Version
cisco ios 12.2\(33\)ird1
cisco ios 12.2\(33\)ire3
cisco ios 12.2\(33\)sxi4b
cisco ios 12.2\(44\)sq1
cisco ios 12.4\(25e\)jam1
cisco ios 12.4\(25e\)jap1m
cisco ios 12.4\(25e\)jaz1
cisco ios 15.0\(2\)ed1
cisco ios 15.2\(1\)ex
cisco ios 15.2\(2\)gc
cisco ios 15.2\(2\)ja
cisco ios 15.2\(2\)ja1
cisco ios 15.2\(2\)jax
cisco ios 15.2\(2\)jax1
cisco ios 15.2\(2\)jb
cisco ios 15.2\(2\)jb1
cisco ios 15.2\(2\)jb2
cisco ios 15.2\(2\)jb3
cisco ios 15.2\(2\)jb4
cisco ios 15.2\(2\)jn1
cisco ios 15.2\(2\)jn2
cisco ios 15.2\(2\)t
cisco ios 15.2\(2\)t1
cisco ios 15.2\(2\)t2
cisco ios 15.2\(2\)t3
cisco ios 15.2\(2\)t4
cisco ios 15.2\(3\)t
cisco ios 15.3\(2\)s2
cisco ios 15.3\(3\)ja1n
cisco ios 15.3\(3\)jab1
cisco ios 15.3\(3\)jn


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)ird1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACA00878-FA42-4234-B3CD-F2F07F7CE9EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)ire3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B785F54A-DD27-4422-8F25-0A6EB3E36EEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi4b:*:*:*:*:*:*:*",
              "matchCriteriaId": "95470E1A-2FEC-41DA-8259-EE4F890A32B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(44\\)sq1:*:*:*:*:*:*:*",
              "matchCriteriaId": "742DA70E-6FF9-451D-9E62-F81EFB0BEB6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jam1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30FFBD57-E751-42C8-AE89-CD2073F45688",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jap1m:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4D3B067-46F9-460B-A3EB-7FCA3DDA7E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jaz1:*:*:*:*:*:*:*",
              "matchCriteriaId": "81CA75FF-8C2E-4D9C-BE57-34EF801C28D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ed1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D3C419-D1FF-45E8-A5B1-AFFC59567478",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)ex:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E92C269-3C17-4C9D-970F-E9C8EE709ADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)gc:*:*:*:*:*:*:*",
              "matchCriteriaId": "C89D14BC-1718-4AE9-B107-1709C2CE965E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)ja:*:*:*:*:*:*:*",
              "matchCriteriaId": "72A45595-A97C-4B72-9ED4-7F431F041627",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)ja1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CBF7035-E936-44A3-B196-6946AEB466A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jax:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F95DC51-220F-41F9-BC48-E010746C2D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jax1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09A7A51A-98DD-416E-82EB-CBB824D3C789",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F81AACB-C3F9-454F-A31D-E985451B0105",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E15A69BF-50B6-42BE-9F44-7A7EBA28CC6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb2:*:*:*:*:*:*:*",
              "matchCriteriaId": "853F31A7-E4A7-41DC-B6C6-36D5C665B7AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDC473A4-39F2-4F32-B268-B9282B0B7823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF758B9D-7E81-4B27-865C-7CE675D38228",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jn1:*:*:*:*:*:*:*",
              "matchCriteriaId": "455FEA02-5E9A-4B73-8E93-6D0BF778E954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jn2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D276149-6D16-4C8D-8D7F-BAD72D7C78BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)t:*:*:*:*:*:*:*",
              "matchCriteriaId": "73B24B56-CCD1-4DD0-B042-C6296338BAAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)t1:*:*:*:*:*:*:*",
              "matchCriteriaId": "632FFFE6-5FF5-478C-8C57-A6590840219E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)t2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1246D88-D206-453B-8EB6-A9848BB09781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)t3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9AEA886-C40F-4C2E-86F5-A4A8707E7DF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)t4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E759D97-682F-4EFC-9885-14B1CBC80C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)t:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D89FF8-F1AF-43A9-894F-2B57A3A415D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(2\\)s2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7E5969-E55B-4EBF-ADDE-8A969174E03D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1n:*:*:*:*:*:*:*",
              "matchCriteriaId": "49DAE7DA-E0D3-4434-AD75-C8894D939A83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jab1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBEF7B94-3510-48FA-B783-1BF1C23C2C0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn:*:*:*:*:*:*:*",
              "matchCriteriaId": "32E6CCE7-88BB-4F4F-9253-EC67B5076767",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is configured, allows remote attackers to cause a denial of service (interface queue wedge) via crafted ICMPv4 packets, aka Bug ID CSCsi02145."
    },
    {
      "lang": "es",
      "value": "Cisco IOS 12.2, 12.4, 15.0, 15.2, y 15.3, cuando una interfaz VRF est\u00e1 configurado, permite a atacantes remotos causar una denegaci\u00f3n de servicio (presi\u00f3n en la cola de la interfaz) a trav\u00e9s de paquetes ICMPv4 manipulados, tambi\u00e9n conocido como Bug ID CSCsi02145."
    }
  ],
  "id": "CVE-2015-0638",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-03-26T10:59:04.443",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1031983"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031983"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.