var-201510-0028
Vulnerability from variot
Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices with software 19.1.0.61559 and 19.2.0 allow remote attackers to cause a denial of service (BGP process restart) via a crafted header in a BGP packet, aka Bug ID CSCuw65781. A remote attacker exploiting this vulnerability could result in a denial of service. An attacker can exploit this issue to cause the BGP process to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuw65781. The vulnerability is caused by the program not properly validating BGP packet headers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0028",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "asr 5000 software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "19.1.0.61559"
},
{
"model": "asr 5000 software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "19.2.0"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "19.1.0.61559"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "19.2.0"
},
{
"model": "asr system software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "550019.1.0.61559"
},
{
"model": "asr system software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "550019.2.0"
},
{
"model": "asr system architecture evolution gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "550019.2.0"
},
{
"model": "asr system architecture evolution gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "550019.1.0.61559"
},
{
"model": "asr series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07232"
},
{
"db": "BID",
"id": "77355"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005688"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-785"
},
{
"db": "NVD",
"id": "CVE-2015-6351"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:asr_5000_series_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005688"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "77355"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6351",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6351",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-07232",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-84312",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6351",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6351",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-07232",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-785",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84312",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-6351",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07232"
},
{
"db": "VULHUB",
"id": "VHN-84312"
},
{
"db": "VULMON",
"id": "CVE-2015-6351"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005688"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-785"
},
{
"db": "NVD",
"id": "CVE-2015-6351"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices with software 19.1.0.61559 and 19.2.0 allow remote attackers to cause a denial of service (BGP process restart) via a crafted header in a BGP packet, aka Bug ID CSCuw65781. A remote attacker exploiting this vulnerability could result in a denial of service. \nAn attacker can exploit this issue to cause the BGP process to reload, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCuw65781. The vulnerability is caused by the program not properly validating BGP packet headers",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6351"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005688"
},
{
"db": "CNVD",
"id": "CNVD-2015-07232"
},
{
"db": "BID",
"id": "77355"
},
{
"db": "VULHUB",
"id": "VHN-84312"
},
{
"db": "VULMON",
"id": "CVE-2015-6351"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6351",
"trust": 3.5
},
{
"db": "SECTRACK",
"id": "1034024",
"trust": 1.2
},
{
"db": "BID",
"id": "77355",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005688",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-785",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-07232",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-84312",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-6351",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07232"
},
{
"db": "VULHUB",
"id": "VHN-84312"
},
{
"db": "VULMON",
"id": "CVE-2015-6351"
},
{
"db": "BID",
"id": "77355"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005688"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-785"
},
{
"db": "NVD",
"id": "CVE-2015-6351"
}
]
},
"id": "VAR-201510-0028",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07232"
},
{
"db": "VULHUB",
"id": "VHN-84312"
}
],
"trust": 1.4134865099999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07232"
}
]
},
"last_update_date": "2024-11-23T22:49:21.531000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20151028-asr",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151028-asr"
},
{
"title": "Patch for Cisco ASR 5500 SAE Gateway Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/66242"
},
{
"title": "Cisco ASR 5500 System Architecture Evolution Gateway Enter the fix for the verification vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58516"
},
{
"title": "Cisco: Cisco ASR 5500 SAE Gateway BGP Denial of Service Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20151028-asr"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07232"
},
{
"db": "VULMON",
"id": "CVE-2015-6351"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005688"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-785"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84312"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005688"
},
{
"db": "NVD",
"id": "CVE-2015-6351"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151028-asr"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1034024"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6351"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6351"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07232"
},
{
"db": "VULHUB",
"id": "VHN-84312"
},
{
"db": "VULMON",
"id": "CVE-2015-6351"
},
{
"db": "BID",
"id": "77355"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005688"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-785"
},
{
"db": "NVD",
"id": "CVE-2015-6351"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-07232"
},
{
"db": "VULHUB",
"id": "VHN-84312"
},
{
"db": "VULMON",
"id": "CVE-2015-6351"
},
{
"db": "BID",
"id": "77355"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005688"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-785"
},
{
"db": "NVD",
"id": "CVE-2015-6351"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07232"
},
{
"date": "2015-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-84312"
},
{
"date": "2015-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6351"
},
{
"date": "2015-10-29T00:00:00",
"db": "BID",
"id": "77355"
},
{
"date": "2015-11-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005688"
},
{
"date": "2015-10-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-785"
},
{
"date": "2015-10-30T10:59:09.527000",
"db": "NVD",
"id": "CVE-2015-6351"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07232"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-84312"
},
{
"date": "2016-12-07T00:00:00",
"db": "VULMON",
"id": "CVE-2015-6351"
},
{
"date": "2015-10-29T00:00:00",
"db": "BID",
"id": "77355"
},
{
"date": "2015-11-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005688"
},
{
"date": "2015-11-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-785"
},
{
"date": "2024-11-21T02:34:50.157000",
"db": "NVD",
"id": "CVE-2015-6351"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-785"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco ASR 5500 System Architecture Evolution Gateway Service disruption in device software (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005688"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-785"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…