cvelistv5 - CVE-2015-0618

CVE-2015-0618 (GCVE-0-2015-0618)

Vulnerability from cvelistv5 – Published: 2015-02-21 11:00 – Updated: 2024-08-06 04:17

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://www.securityfocus.com/bid/72713	vdb-entryx_refsource_BID
	http://www.securitytracker.com/id/1031778	vdb-entryx_refsource_SECTRACK
	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:17:32.556Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "72713",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/72713"
          },
          {
            "name": "1031778",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1031778"
          },
          {
            "name": "20150220 Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-02-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-02-26T20:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "72713",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/72713"
        },
        {
          "name": "1031778",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1031778"
        },
        {
          "name": "20150220 Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-0618",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "72713",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/72713"
            },
            {
              "name": "1031778",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1031778"
            },
            {
              "name": "20150220 Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2015-0618",
    "datePublished": "2015-02-21T11:00:00",
    "dateReserved": "2015-01-07T00:00:00",
    "dateUpdated": "2024-08-06T04:17:32.556Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xr:5.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96BFB5A5-EF04-4334-9A62-558A375DE768\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xr:5.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95175A2E-14DB-4730-93EA-2291ED7E0DFC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:network_convergence_system_6000:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"907D316A-5FAE-4DFC-8FF1-60C87BA06362\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:carrier_routing_system:5.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8DF8A05-DA6E-449C-8E06-A4032196DCEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:carrier_routing_system:5.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E8DDAB0-A852-44F6-8B6F-1757A1B38BEA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241.\"}, {\"lang\": \"es\", \"value\": \"Cisco IOS XR 5.0.1 y 5.2.1 en los dispositivos Network Convergence System (NCS) 6000 y 5.1.3 y 5.1.4 en los dispositivos Carrier Routing System X (CRS-X) permite a atacantes remotos causar una denegaci\\u00f3n de servicio (recarga de tarjeta de l\\u00ednea) a trav\\u00e9s de paquetes IPv6 malformados con cabeceras de extensiones, tambi\\u00e9n conocido como Bug ID CSCuq95241.\"}]",
      "id": "CVE-2015-0618",
      "lastModified": "2024-11-21T02:23:25.247",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.1, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2015-02-21T11:59:01.327",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/72713\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.securitytracker.com/id/1031778\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/72713\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1031778\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-19\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-0618\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2015-02-21T11:59:01.327\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241.\"},{\"lang\":\"es\",\"value\":\"Cisco IOS XR 5.0.1 y 5.2.1 en los dispositivos Network Convergence System (NCS) 6000 y 5.1.3 y 5.1.4 en los dispositivos Carrier Routing System X (CRS-X) permite a atacantes remotos causar una denegaci\u00f3n de servicio (recarga de tarjeta de l\u00ednea) a trav\u00e9s de paquetes IPv6 malformados con cabeceras de extensiones, tambi\u00e9n conocido como Bug ID CSCuq95241.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-19\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96BFB5A5-EF04-4334-9A62-558A375DE768\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:5.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95175A2E-14DB-4730-93EA-2291ED7E0DFC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:network_convergence_system_6000:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"907D316A-5FAE-4DFC-8FF1-60C87BA06362\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:carrier_routing_system:5.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8DF8A05-DA6E-449C-8E06-A4032196DCEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:carrier_routing_system:5.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E8DDAB0-A852-44F6-8B6F-1757A1B38BEA\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/72713\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://www.securitytracker.com/id/1031778\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/72713\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1031778\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CNVD-2015-01353

Vulnerability from cnvd - Published: 2015-03-02

Title

Cisco IOS XR Software IPv6报文处理拒绝服务漏洞

Description

Cisco IOS XR是Cisco IOS软件家族的一员,使用基于微内核分配操作系统架构。 Network Convergence System (NCS) 6000 devices设备上的Cisco IOS XR 5.0.1和5.2.1，Carrier Routing System X (CRS-X)设备上的Cisco IOS XR 5.1.3和5.1.4未能正确处理包含扩展头的畸形IPv6豹纹，远程攻击者可以利用漏洞可使应用程序崩溃。

Severity

高

Patch Name

Cisco IOS XR Software IPv6报文处理拒绝服务漏洞的补丁

Patch Description

Cisco IOS XR是Cisco IOS软件家族的一员,使用基于微内核分配操作系统架构。Network Convergence System (NCS) 6000 devices设备上的Cisco IOS XR 5.0.1和5.2.1，Carrier Routing System X (CRS-X)设备上的Cisco IOS XR 5.1.3和5.1.4未能正确处理包含扩展头的畸形IPv6豹纹，远程攻击者可以利用漏洞可使应用程序崩溃。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞： http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6

Impacted products

Name
Cisco IOS XR Software

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "72713"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-0618"
    }
  },
  "description": "Cisco IOS XR\u662fCisco IOS\u8f6f\u4ef6\u5bb6\u65cf\u7684\u4e00\u5458,\u4f7f\u7528\u57fa\u4e8e\u5fae\u5185\u6838\u5206\u914d\u64cd\u4f5c\u7cfb\u7edf\u67b6\u6784\u3002\r\n\r\nNetwork Convergence System (NCS) 6000 devices\u8bbe\u5907\u4e0a\u7684Cisco IOS XR 5.0.1\u548c5.2.1\uff0cCarrier Routing System X (CRS-X)\u8bbe\u5907\u4e0a\u7684Cisco IOS XR 5.1.3\u548c5.1.4\u672a\u80fd\u6b63\u786e\u5904\u7406\u5305\u542b\u6269\u5c55\u5934\u7684\u7578\u5f62IPv6\u8c79\u7eb9\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u53ef\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-01353",
  "openTime": "2015-03-02",
  "patchDescription": "Cisco IOS XR\u662fCisco IOS\u8f6f\u4ef6\u5bb6\u65cf\u7684\u4e00\u5458,\u4f7f\u7528\u57fa\u4e8e\u5fae\u5185\u6838\u5206\u914d\u64cd\u4f5c\u7cfb\u7edf\u67b6\u6784\u3002Network Convergence System (NCS) 6000 devices\u8bbe\u5907\u4e0a\u7684Cisco IOS XR 5.0.1\u548c5.2.1\uff0cCarrier Routing System X (CRS-X)\u8bbe\u5907\u4e0a\u7684Cisco IOS XR 5.1.3\u548c5.1.4\u672a\u80fd\u6b63\u786e\u5904\u7406\u5305\u542b\u6269\u5c55\u5934\u7684\u7578\u5f62IPv6\u8c79\u7eb9\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u53ef\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco IOS XR Software IPv6\u62a5\u6587\u5904\u7406\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco IOS XR Software"
  },
  "referenceLink": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6",
  "serverity": "\u9ad8",
  "submitTime": "2015-02-26",
  "title": "Cisco IOS XR Software IPv6\u62a5\u6587\u5904\u7406\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

VAR-201502-0146

Vulnerability from variot - Updated: 2023-12-18 13:14

Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241. Vendors have confirmed this vulnerability Bug ID CSCuq95241 It is released as. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. http://cwe.mitre.org/data/definitions/19.htmlA third party could use a malformed IPv6 Service disruption via packets ( Reload line card ) There is a possibility of being put into a state. Cisco IOS XR is prone to a remote denial-of-service vulnerability

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201502-0146",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "5.0.1"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "5.2.1"
      },
      {
        "model": "carrier routing system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "5.1.3"
      },
      {
        "model": "carrier routing system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "5.1.4"
      },
      {
        "model": "carrier routing system",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "(ios xr 5.3.0  )"
      },
      {
        "model": "ios xr",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "5.2.3"
      },
      {
        "model": "ios xr",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "5.3.0"
      },
      {
        "model": "network convergence system 6000 series router",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "(ios xr 5.2.3  )"
      },
      {
        "model": "ios xr for cisco network convergence system series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0.160000"
      },
      {
        "model": "ios xr for cisco network convergence system series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0.060000"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "72713"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001581"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0618"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-380"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:5.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:5.2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:network_convergence_system_6000:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:carrier_routing_system:5.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:carrier_routing_system:5.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-0618"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "72713"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-0618",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.1,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2015-0618",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-78564",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2015-0618",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201502-380",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-78564",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-78564"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001581"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0618"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-380"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241. Vendors have confirmed this vulnerability Bug ID CSCuq95241 It is released as. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. http://cwe.mitre.org/data/definitions/19.htmlA third party could use a malformed IPv6 Service disruption via packets ( Reload line card ) There is a possibility of being put into a state. Cisco IOS XR is prone to a remote denial-of-service vulnerability",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-0618"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001581"
      },
      {
        "db": "BID",
        "id": "72713"
      },
      {
        "db": "VULHUB",
        "id": "VHN-78564"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-0618",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "72713",
        "trust": 1.4
      },
      {
        "db": "SECTRACK",
        "id": "1031778",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001581",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-380",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-78564",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-78564"
      },
      {
        "db": "BID",
        "id": "72713"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001581"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0618"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-380"
      }
    ]
  },
  "id": "VAR-201502-0146",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-78564"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:14:42.698000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20150220-ipv6",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150220-ipv6"
      },
      {
        "title": "37510",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=37510"
      },
      {
        "title": "cisco-sa-20150220-ipv6",
        "trust": 0.8,
        "url": "http://www.cisco.com/cisco/web/support/jp/112/1128/1128558_cisco-sa-20150220-ipv6-j.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001581"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-19",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-78564"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001581"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0618"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150220-ipv6"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/72713"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1031778"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0618"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0618"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.3,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=37510"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-78564"
      },
      {
        "db": "BID",
        "id": "72713"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001581"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0618"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-380"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-78564"
      },
      {
        "db": "BID",
        "id": "72713"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001581"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0618"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-380"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-02-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-78564"
      },
      {
        "date": "2015-02-20T00:00:00",
        "db": "BID",
        "id": "72713"
      },
      {
        "date": "2015-02-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-001581"
      },
      {
        "date": "2015-02-21T11:59:01.327000",
        "db": "NVD",
        "id": "CVE-2015-0618"
      },
      {
        "date": "2015-02-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201502-380"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-11-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-78564"
      },
      {
        "date": "2015-02-20T00:00:00",
        "db": "BID",
        "id": "72713"
      },
      {
        "date": "2015-02-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-001581"
      },
      {
        "date": "2015-11-27T19:18:36.707000",
        "db": "NVD",
        "id": "CVE-2015-0618"
      },
      {
        "date": "2015-02-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201502-380"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-380"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Network Convergence System 6000 Device and  Carrier Routing System X Runs on the device  Cisco IOS XR Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-001581"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Failure to Handle Exceptional Conditions",
    "sources": [
      {
        "db": "BID",
        "id": "72713"
      }
    ],
    "trust": 0.3
  }
}

GSD-2015-0618

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2015-0618

Aliases

CVE-2015-0618

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-0618",
    "description": "Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241.",
    "id": "GSD-2015-0618"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-0618"
      ],
      "details": "Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241.",
      "id": "GSD-2015-0618",
      "modified": "2023-12-13T01:19:58.001329Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2015-0618",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "72713",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/72713"
          },
          {
            "name": "1031778",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1031778"
          },
          {
            "name": "20150220 Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:5.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:5.2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:network_convergence_system_6000:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:carrier_routing_system:5.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:carrier_routing_system:5.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-0618"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-19"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20150220 Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6"
            },
            {
              "name": "72713",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/72713"
            },
            {
              "name": "1031778",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1031778"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2015-11-27T19:18Z",
      "publishedDate": "2015-02-21T11:59Z"
    }
  }
}

GHSA-3PRQ-M3R6-7FW4

Vulnerability from github – Published: 2022-05-17 04:01 – Updated: 2022-05-17 04:01

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-0618"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-02-21T11:59:00Z",
    "severity": "HIGH"
  },
  "details": "Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241.",
  "id": "GHSA-3prq-m3r6-7fw4",
  "modified": "2022-05-17T04:01:24Z",
  "published": "2022-05-17T04:01:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0618"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/72713"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1031778"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTFR-2015-AVI-077

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans Cisco IOS. Elle permet à un attaquant de provoquer un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Cisco	IOS	Cisco Network Convergence System 6000 avec Cisco IOS versions 5.2.1 et antérieures
	Cisco	IOS	Cisco Carrier Routing System X avec Cisco IOS versions 5.1.4 et antérieures

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20150220-ipv6 du 20 février 2015	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20150220-ipv6 du 20 février 2015	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco Network Convergence System 6000 avec Cisco IOS versions 5.2.1 et ant\u00e9rieures",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Carrier Routing System X avec Cisco IOS versions 5.1.4 et ant\u00e9rieures",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-0618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0618"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20150220-ipv6 du 20    f\u00e9vrier 2015",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6"
    }
  ],
  "reference": "CERTFR-2015-AVI-077",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-02-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eCisco\nIOS\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco IOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20150220-ipv6 du 20 f\u00e9vrier 2015",
      "url": null
    }
  ]
}

CERTFR-2015-AVI-077

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans Cisco IOS. Elle permet à un attaquant de provoquer un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Cisco	IOS	Cisco Network Convergence System 6000 avec Cisco IOS versions 5.2.1 et antérieures
	Cisco	IOS	Cisco Carrier Routing System X avec Cisco IOS versions 5.1.4 et antérieures

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20150220-ipv6 du 20 février 2015	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20150220-ipv6 du 20 février 2015	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco Network Convergence System 6000 avec Cisco IOS versions 5.2.1 et ant\u00e9rieures",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Carrier Routing System X avec Cisco IOS versions 5.1.4 et ant\u00e9rieures",
      "product": {
        "name": "IOS",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-0618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0618"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20150220-ipv6 du 20    f\u00e9vrier 2015",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6"
    }
  ],
  "reference": "CERTFR-2015-AVI-077",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-02-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eCisco\nIOS\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco IOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20150220-ipv6 du 20 f\u00e9vrier 2015",
      "url": null
    }
  ]
}

FKIE_CVE-2015-0618

Vulnerability from fkie_nvd - Published: 2015-02-21 11:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/72713
psirt@cisco.com	http://www.securitytracker.com/id/1031778
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/72713
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1031778

Impacted products

Vendor	Product	Version
cisco	ios_xr	5.0.1
cisco	ios_xr	5.2.1
cisco	network_convergence_system_6000	*
cisco	carrier_routing_system	5.1.3
cisco	carrier_routing_system	5.1.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "96BFB5A5-EF04-4334-9A62-558A375DE768",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "95175A2E-14DB-4730-93EA-2291ED7E0DFC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:network_convergence_system_6000:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "907D316A-5FAE-4DFC-8FF1-60C87BA06362",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:carrier_routing_system:5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8DF8A05-DA6E-449C-8E06-A4032196DCEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:carrier_routing_system:5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E8DDAB0-A852-44F6-8B6F-1757A1B38BEA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241."
    },
    {
      "lang": "es",
      "value": "Cisco IOS XR 5.0.1 y 5.2.1 en los dispositivos Network Convergence System (NCS) 6000 y 5.1.3 y 5.1.4 en los dispositivos Carrier Routing System X (CRS-X) permite a atacantes remotos causar una denegaci\u00f3n de servicio (recarga de tarjeta de l\u00ednea) a trav\u00e9s de paquetes IPv6 malformados con cabeceras de extensiones, tambi\u00e9n conocido como Bug ID CSCuq95241."
    }
  ],
  "id": "CVE-2015-0618",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-02-21T11:59:01.327",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/72713"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1031778"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150220-ipv6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/72713"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031778"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-19"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-0618 (GCVE-0-2015-0618)

CNVD-2015-01353

VAR-201502-0146

GSD-2015-0618

GHSA-3PRQ-M3R6-7FW4

CERTFR-2015-AVI-077

Solution

CERTFR-2015-AVI-077

Solution

FKIE_CVE-2015-0618

Tags

Sightings

Nomenclature