VAR-201503-0163
Vulnerability from variot - Updated: 2024-02-13 22:54The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS allows remote attackers to trigger self-referential adjacencies via a crafted Autonomic Networking (AN) message, aka Bug ID CSCup62157. Cisco IOS is an operating system developed by Cisco Systems for its network devices. An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions. This issue is being tracked by Cisco Bug ID CSCup62157
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201503-0163",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": null,
"trust": 1.4,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01498"
},
{
"db": "BID",
"id": "72966"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001669"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-118"
},
{
"db": "NVD",
"id": "CVE-2015-0659"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0659"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "72966"
}
],
"trust": 0.3
},
"cve": "CVE-2015-0659",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-0659",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-01498",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-78605",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-0659",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2015-01498",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201503-118",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-78605",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-0659",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01498"
},
{
"db": "VULHUB",
"id": "VHN-78605"
},
{
"db": "VULMON",
"id": "CVE-2015-0659"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001669"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-118"
},
{
"db": "NVD",
"id": "CVE-2015-0659"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS allows remote attackers to trigger self-referential adjacencies via a crafted Autonomic Networking (AN) message, aka Bug ID CSCup62157. Cisco IOS is an operating system developed by Cisco Systems for its network devices. \nAn attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions. \nThis issue is being tracked by Cisco Bug ID CSCup62157",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0659"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001669"
},
{
"db": "CNVD",
"id": "CNVD-2015-01498"
},
{
"db": "BID",
"id": "72966"
},
{
"db": "VULHUB",
"id": "VHN-78605"
},
{
"db": "VULMON",
"id": "CVE-2015-0659"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0659",
"trust": 3.5
},
{
"db": "SECTRACK",
"id": "1031845",
"trust": 1.2
},
{
"db": "BID",
"id": "72966",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001669",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201503-118",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-01498",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-78605",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-0659",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01498"
},
{
"db": "VULHUB",
"id": "VHN-78605"
},
{
"db": "VULMON",
"id": "CVE-2015-0659"
},
{
"db": "BID",
"id": "72966"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001669"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-118"
},
{
"db": "NVD",
"id": "CVE-2015-0659"
}
]
},
"id": "VAR-201503-0163",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01498"
},
{
"db": "VULHUB",
"id": "VHN-78605"
}
],
"trust": 1.32263757
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01498"
}
]
},
"last_update_date": "2024-02-13T22:54:16.136000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco IOS Autonomic Networking Infrastructure Self-Referential Vulnerability",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2015-0659"
},
{
"title": "Patches for unexplained vulnerabilities in the Cisco IOS Autonomic Networking Infrastructure feature",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/55938"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01498"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001669"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0659"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2015-0659"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1031845"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0659"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0659"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/public/sw-center/sw-ios.shtml"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-01498"
},
{
"db": "VULHUB",
"id": "VHN-78605"
},
{
"db": "VULMON",
"id": "CVE-2015-0659"
},
{
"db": "BID",
"id": "72966"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001669"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-118"
},
{
"db": "NVD",
"id": "CVE-2015-0659"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-01498"
},
{
"db": "VULHUB",
"id": "VHN-78605"
},
{
"db": "VULMON",
"id": "CVE-2015-0659"
},
{
"db": "BID",
"id": "72966"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001669"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-118"
},
{
"db": "NVD",
"id": "CVE-2015-0659"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-01498"
},
{
"date": "2015-03-06T00:00:00",
"db": "VULHUB",
"id": "VHN-78605"
},
{
"date": "2015-03-06T00:00:00",
"db": "VULMON",
"id": "CVE-2015-0659"
},
{
"date": "2015-03-05T00:00:00",
"db": "BID",
"id": "72966"
},
{
"date": "2015-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001669"
},
{
"date": "2015-03-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-118"
},
{
"date": "2015-03-06T03:00:15.237000",
"db": "NVD",
"id": "CVE-2015-0659"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-01498"
},
{
"date": "2015-11-02T00:00:00",
"db": "VULHUB",
"id": "VHN-78605"
},
{
"date": "2015-11-02T00:00:00",
"db": "VULMON",
"id": "CVE-2015-0659"
},
{
"date": "2015-03-05T00:00:00",
"db": "BID",
"id": "72966"
},
{
"date": "2015-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001669"
},
{
"date": "2015-03-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-118"
},
{
"date": "2015-11-02T18:28:57.733000",
"db": "NVD",
"id": "CVE-2015-0659"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-118"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS of Autonomic Networking Infrastructure Vulnerabilities triggered by self-reference adjacency in implementations",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001669"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "72966"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…