CVE-2015-0648 (GCVE-0-2015-0648)

Vulnerability from cvelistv5 – Published: 2015-03-26 10:00 – Updated: 2024-08-06 04:17
VLAI?
Summary
Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:17:32.593Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20150325 Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-03-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-03-26T05:57:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20150325 Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-0648",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20150325 Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2015-0648",
    "datePublished": "2015-03-26T10:00:00",
    "dateReserved": "2015-01-07T00:00:00",
    "dateUpdated": "2024-08-06T04:17:32.593Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)ird1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ACA00878-FA42-4234-B3CD-F2F07F7CE9EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)ire3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B785F54A-DD27-4422-8F25-0A6EB3E36EEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sxi4b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95470E1A-2FEC-41DA-8259-EE4F890A32B5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(44\\\\)ex:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E632468F-4B62-4937-8CA6-5B8023451F80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(44\\\\)ex1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C853E612-2C4B-4595-AD6F-22E34B68C69A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(44\\\\)sq1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"742DA70E-6FF9-451D-9E62-F81EFB0BEB6C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(46\\\\)se:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9E61C16-55F9-4054-8CC2-38D5197A1FDE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(46\\\\)se1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6DA25F2-2404-4DFA-9FB7-CE9DEA57ABBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(46\\\\)se2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49E8D759-07E9-49DB-B8EB-A9C06A8D8031\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(50\\\\)se:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7EF0685-7BEF-4F84-902C-DFE533CD2F34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(50\\\\)se1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F114FD7-F62C-4A24-9CE6-C9A7136465F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(50\\\\)se2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"892F72BE-B65F-4271-9042-3B459DFBB43C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(50\\\\)se3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7715D0D0-E8B2-444A-A590-7B5B0BFA713F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(50\\\\)se4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B526DE1-EEA7-47E4-B291-09C02F018A16\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(50\\\\)se5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5ECDE91B-EA0E-4938-BC64-6A2A7DAF2A2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(52\\\\)se:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5898745E-C1D3-4D0E-8476-2EEAA4327B5C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(52\\\\)se1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"887C5632-F3F7-4EDB-A065-D81F64A9B15C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF4F2951-FF09-45FC-81BD-7C8C6C7CD1D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD7C3DF8-2B59-41EB-A151-15E46348DF9B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"700DDE2E-922C-426F-8751-BADD15055AD7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D6CA171-4BE2-4204-BDAB-EA19BCD4842A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84766AF1-DC74-4D64-A4E1-56B377D6CE48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D4A0517-EF86-4655-B4B4-246ED3A84803\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0E3912E-11F7-421B-A5C4-35568A6E386B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"360F3E49-D75A-4ACE-B775-14055272C861\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(58\\\\)se2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BEECEF97-EC6A-43C8-A7AB-5C48948183FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.4\\\\(25e\\\\)jam1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30FFBD57-E751-42C8-AE89-CD2073F45688\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.4\\\\(25e\\\\)jap1m:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4D3B067-46F9-460B-A3EB-7FCA3DDA7E3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.4\\\\(25e\\\\)jaz1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81CA75FF-8C2E-4D9C-BE57-34EF801C28D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(1\\\\)ey:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5AF55C0A-768F-445A-AF40-2B553363AF18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(1\\\\)ey1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9E7D5CC-521E-4B2A-B6DB-D2A49D31DE4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(1\\\\)ey2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10D75DC6-D7B1-46D2-ABEF-97D908992FF1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)eb:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15FCA457-9074-4876-A21A-144F03CD6450\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)ed1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5D3C419-D1FF-45E8-A5B1-AFFC59567478\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)ey:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8AC1EA3-AD9C-4AE1-91B6-4EBD22B77D47\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)ey1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6CA27BF-13BC-4C13-A049-FA50247ACE9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)ey2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82C8B101-CB42-43CF-98CE-44EE5FBC9BF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)ey3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"054583DC-AAF8-4BF0-AC13-5A488476C161\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85A9B13E-8CF7-4879-8C33-8E690291335F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A634C47-2FD6-4106-86B6-DD465A5394E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"05DDA3F8-7207-4FC9-B491-F49418975D5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91E64DDB-BF0A-4CCF-A01A-B45A9D566C0F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E28EAD6-BD32-4DD7-9558-6E7F5264DCA9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D09AEBD6-56E7-4D22-B300-C904464FE75F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AD98F15-F847-4968-8A9E-D4D5D2ED4FE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97525468-9E3E-4E34-8319-B4DFB51BC4D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(1\\\\)ex:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E92C269-3C17-4C9D-970F-E9C8EE709ADA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(1\\\\)ey:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D601E90-6F2A-4C66-97A2-152031C88DB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(2\\\\)e:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3A156FE-590E-49DB-819D-4103D629829D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(2\\\\)e1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1F6C767-042C-4277-90F4-F81D9AFFF227\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.2\\\\(2\\\\)jb1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E15A69BF-50B6-42BE-9F44-7A7EBA28CC6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.3\\\\(2\\\\)s2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B7E5969-E55B-4EBF-ADDE-8A969174E03D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)ja:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C57A83D0-E043-4294-A61D-730FAE30CCEF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)ja1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71493AA2-49E9-4FF5-AC29-DC2426973EC6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)ja1m:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C1E9625-A8CF-4D0F-BB0D-9FB91391D977\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)ja1n:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49DAE7DA-E0D3-4434-AD75-C8894D939A83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)jaa:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3BD12E4-2ADA-4E3D-A12D-FF0E1031D677\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)jab:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"915E4321-D52D-4C16-8821-ED16529C9090\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)jab1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBEF7B94-3510-48FA-B783-1BF1C23C2C0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)jn:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32E6CCE7-88BB-4F4F-9253-EC67B5076767\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)jnb:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BC3CD43-F30A-484B-9285-D925C1262212\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658.\"}, {\"lang\": \"es\", \"value\": \"Fuga de memoria en Cisco IOS 12.2, 12.4, 15.0, 15.2, y 15.3 permite a atacantes remotos causar una denegaci\\u00f3n de servicio (consumo de memoria) a trav\\u00e9s de paquetes TCP de Common Industrial Protocol (CIP) manipulados, tambi\\u00e9n conocido como Bug ID CSCun49658.\"}]",
      "id": "CVE-2015-0648",
      "lastModified": "2024-11-21T02:23:28.203",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2015-03-26T10:59:13.270",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-0648\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2015-03-26T10:59:13.270\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658.\"},{\"lang\":\"es\",\"value\":\"Fuga de memoria en Cisco IOS 12.2, 12.4, 15.0, 15.2, y 15.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de paquetes TCP de Common Industrial Protocol (CIP) manipulados, tambi\u00e9n conocido como Bug ID CSCun49658.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)ird1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACA00878-FA42-4234-B3CD-F2F07F7CE9EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)ire3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B785F54A-DD27-4422-8F25-0A6EB3E36EEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sxi4b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95470E1A-2FEC-41DA-8259-EE4F890A32B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(44\\\\)ex:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E632468F-4B62-4937-8CA6-5B8023451F80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(44\\\\)ex1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C853E612-2C4B-4595-AD6F-22E34B68C69A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(44\\\\)sq1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"742DA70E-6FF9-451D-9E62-F81EFB0BEB6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(46\\\\)se:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9E61C16-55F9-4054-8CC2-38D5197A1FDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(46\\\\)se1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6DA25F2-2404-4DFA-9FB7-CE9DEA57ABBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(46\\\\)se2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E8D759-07E9-49DB-B8EB-A9C06A8D8031\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(50\\\\)se:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7EF0685-7BEF-4F84-902C-DFE533CD2F34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(50\\\\)se1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F114FD7-F62C-4A24-9CE6-C9A7136465F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(50\\\\)se2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"892F72BE-B65F-4271-9042-3B459DFBB43C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(50\\\\)se3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7715D0D0-E8B2-444A-A590-7B5B0BFA713F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(50\\\\)se4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B526DE1-EEA7-47E4-B291-09C02F018A16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(50\\\\)se5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ECDE91B-EA0E-4938-BC64-6A2A7DAF2A2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(52\\\\)se:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5898745E-C1D3-4D0E-8476-2EEAA4327B5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(52\\\\)se1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"887C5632-F3F7-4EDB-A065-D81F64A9B15C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF4F2951-FF09-45FC-81BD-7C8C6C7CD1D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD7C3DF8-2B59-41EB-A151-15E46348DF9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"700DDE2E-922C-426F-8751-BADD15055AD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D6CA171-4BE2-4204-BDAB-EA19BCD4842A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84766AF1-DC74-4D64-A4E1-56B377D6CE48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D4A0517-EF86-4655-B4B4-246ED3A84803\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0E3912E-11F7-421B-A5C4-35568A6E386B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(55\\\\)se9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"360F3E49-D75A-4ACE-B775-14055272C861\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(58\\\\)se2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEECEF97-EC6A-43C8-A7AB-5C48948183FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.4\\\\(25e\\\\)jam1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30FFBD57-E751-42C8-AE89-CD2073F45688\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.4\\\\(25e\\\\)jap1m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4D3B067-46F9-460B-A3EB-7FCA3DDA7E3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.4\\\\(25e\\\\)jaz1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81CA75FF-8C2E-4D9C-BE57-34EF801C28D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(1\\\\)ey:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AF55C0A-768F-445A-AF40-2B553363AF18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(1\\\\)ey1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9E7D5CC-521E-4B2A-B6DB-D2A49D31DE4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(1\\\\)ey2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10D75DC6-D7B1-46D2-ABEF-97D908992FF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)eb:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15FCA457-9074-4876-A21A-144F03CD6450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)ed1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5D3C419-D1FF-45E8-A5B1-AFFC59567478\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)ey:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8AC1EA3-AD9C-4AE1-91B6-4EBD22B77D47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)ey1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6CA27BF-13BC-4C13-A049-FA50247ACE9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)ey2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82C8B101-CB42-43CF-98CE-44EE5FBC9BF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)ey3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"054583DC-AAF8-4BF0-AC13-5A488476C161\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85A9B13E-8CF7-4879-8C33-8E690291335F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A634C47-2FD6-4106-86B6-DD465A5394E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05DDA3F8-7207-4FC9-B491-F49418975D5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91E64DDB-BF0A-4CCF-A01A-B45A9D566C0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E28EAD6-BD32-4DD7-9558-6E7F5264DCA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D09AEBD6-56E7-4D22-B300-C904464FE75F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AD98F15-F847-4968-8A9E-D4D5D2ED4FE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)se7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97525468-9E3E-4E34-8319-B4DFB51BC4D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(1\\\\)ex:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E92C269-3C17-4C9D-970F-E9C8EE709ADA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(1\\\\)ey:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D601E90-6F2A-4C66-97A2-152031C88DB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(2\\\\)e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3A156FE-590E-49DB-819D-4103D629829D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(2\\\\)e1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1F6C767-042C-4277-90F4-F81D9AFFF227\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.2\\\\(2\\\\)jb1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E15A69BF-50B6-42BE-9F44-7A7EBA28CC6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.3\\\\(2\\\\)s2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B7E5969-E55B-4EBF-ADDE-8A969174E03D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)ja:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C57A83D0-E043-4294-A61D-730FAE30CCEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)ja1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71493AA2-49E9-4FF5-AC29-DC2426973EC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)ja1m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C1E9625-A8CF-4D0F-BB0D-9FB91391D977\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)ja1n:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49DAE7DA-E0D3-4434-AD75-C8894D939A83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)jaa:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3BD12E4-2ADA-4E3D-A12D-FF0E1031D677\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)jab:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"915E4321-D52D-4C16-8821-ED16529C9090\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)jab1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBEF7B94-3510-48FA-B783-1BF1C23C2C0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)jn:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32E6CCE7-88BB-4F4F-9253-EC67B5076767\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)jnb:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BC3CD43-F30A-484B-9285-D925C1262212\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.