cvelistv5 - cve-2015-0685

CVE-2015-0685 (GCVE-0-2015-0685)

Vulnerability from cvelistv5 – Published: 2015-04-03 01:00 – Updated: 2024-08-06 04:17

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://tools.cisco.com/security/center/viewAlert.…	vendor-advisoryx_refsource_CISCO
	http://www.securitytracker.com/id/1032004	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:17:32.458Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20150331 Cisco ASR1000 Series Routers Incomplete or Glean Adjacencies Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38124"
          },
          {
            "name": "1032004",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032004"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-03-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-04-08T17:57:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20150331 Cisco ASR1000 Series Routers Incomplete or Glean Adjacencies Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38124"
        },
        {
          "name": "1032004",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032004"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-0685",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20150331 Cisco ASR1000 Series Routers Incomplete or Glean Adjacencies Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38124"
            },
            {
              "name": "1032004",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032004"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2015-0685",
    "datePublished": "2015-04-03T01:00:00",
    "dateReserved": "2015-01-07T00:00:00",
    "dateUpdated": "2024-08-06T04:17:32.458Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.7s.4\", \"matchCriteriaId\": \"E7BF7C92-8637-4C2D-8608-F2CE6F23FB91\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873.\"}, {\"lang\": \"es\", \"value\": \"Cisco IOS XE anterior a 3.7.5S en los dispositivos ASR 1000 no maneja correctamente adyacencias de rutas, lo que permite a atacantes remotos causar una denegaci\\u00f3n de servicio (cuelgue de dispositivo) a trav\\u00e9s de paquetes IP manipulados, tambi\\u00e9n conocido como Bug ID CSCub31873.\"}]",
      "id": "CVE-2015-0685",
      "lastModified": "2024-11-21T02:23:32.110",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2015-04-03T02:00:24.317",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/viewAlert.x?alertId=38124\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1032004\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://tools.cisco.com/security/center/viewAlert.x?alertId=38124\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1032004\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-0685\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2015-04-03T02:00:24.317\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873.\"},{\"lang\":\"es\",\"value\":\"Cisco IOS XE anterior a 3.7.5S en los dispositivos ASR 1000 no maneja correctamente adyacencias de rutas, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (cuelgue de dispositivo) a trav\u00e9s de paquetes IP manipulados, tambi\u00e9n conocido como Bug ID CSCub31873.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7s.4\",\"matchCriteriaId\":\"E7BF7C92-8637-4C2D-8608-F2CE6F23FB91\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/viewAlert.x?alertId=38124\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1032004\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://tools.cisco.com/security/center/viewAlert.x?alertId=38124\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1032004\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2015-0685

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2015-0685

Aliases

CVE-2015-0685

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-0685",
    "description": "Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873.",
    "id": "GSD-2015-0685"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-0685"
      ],
      "details": "Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873.",
      "id": "GSD-2015-0685",
      "modified": "2023-12-13T01:19:58.940337Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2015-0685",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20150331 Cisco ASR1000 Series Routers Incomplete or Glean Adjacencies Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38124"
          },
          {
            "name": "1032004",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1032004"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.7s.4",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-0685"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20150331 Cisco ASR1000 Series Routers Incomplete or Glean Adjacencies Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38124"
            },
            {
              "name": "1032004",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1032004"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2015-09-29T19:30Z",
      "publishedDate": "2015-04-03T02:00Z"
    }
  }
}

FKIE_CVE-2015-0685

Vulnerability from fkie_nvd - Published: 2015-04-03 02:00 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/viewAlert.x?alertId=38124	Vendor Advisory
psirt@cisco.com	http://www.securitytracker.com/id/1032004
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/viewAlert.x?alertId=38124	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032004

Impacted products

	Vendor	Product	Version
	cisco	ios_xe	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7BF7C92-8637-4C2D-8608-F2CE6F23FB91",
              "versionEndIncluding": "3.7s.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873."
    },
    {
      "lang": "es",
      "value": "Cisco IOS XE anterior a 3.7.5S en los dispositivos ASR 1000 no maneja correctamente adyacencias de rutas, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (cuelgue de dispositivo) a trav\u00e9s de paquetes IP manipulados, tambi\u00e9n conocido como Bug ID CSCub31873."
    }
  ],
  "id": "CVE-2015-0685",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-04-03T02:00:24.317",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38124"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1032004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38124"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032004"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201504-0266

Vulnerability from variot - Updated: 2023-12-18 12:30

Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873. The Cisco ASR1000 Series Aggregation Services Router provides a WAN edge solution that combines information, communications, collaboration and business. The Cisco ASR 1000 fails to properly handle routing neighbor advertisements. An unauthenticated attacker sends a malicious IP packet to the affected device, causing the device to stop responding. Cisco ASR 9000 Series Routers are prone to a remote denial-of-service vulnerability. This issue is being tracked by Cisco Bug ID CSCub31873. Cisco IOS XE is an operating system developed by Cisco for its network equipment. There is a security vulnerability in versions earlier than Cisco IOS XE 3.7.5S. The vulnerability is caused by the fact that the program does not correctly handle the adjacency relationship of routers

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201504-0266",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ios xe",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.7s.4"
      },
      {
        "model": "ios xe",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.7.5s"
      },
      {
        "model": "asr",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "1000"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "3.7s.4"
      },
      {
        "model": "ios xe software 3.7s.4",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "asr series routers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "10000"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02238"
      },
      {
        "db": "BID",
        "id": "73470"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002067"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0685"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-037"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.7s.4",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-0685"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "73470"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-0685",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2015-0685",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.4,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 4.9,
            "id": "CNVD-2015-02238",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-78631",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2015-0685",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-02238",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201504-037",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-78631",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2015-0685",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02238"
      },
      {
        "db": "VULHUB",
        "id": "VHN-78631"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-0685"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002067"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0685"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-037"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873. The Cisco ASR1000 Series Aggregation Services Router provides a WAN edge solution that combines information, communications, collaboration and business. The Cisco ASR 1000 fails to properly handle routing neighbor advertisements. An unauthenticated attacker sends a malicious IP packet to the affected device, causing the device to stop responding. Cisco ASR 9000 Series Routers are prone to a remote denial-of-service vulnerability. \nThis issue is being tracked by Cisco Bug ID CSCub31873. Cisco IOS XE is an operating system developed by Cisco for its network equipment. There is a security vulnerability in versions earlier than Cisco IOS XE 3.7.5S. The vulnerability is caused by the fact that the program does not correctly handle the adjacency relationship of routers",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-0685"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002067"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02238"
      },
      {
        "db": "BID",
        "id": "73470"
      },
      {
        "db": "VULHUB",
        "id": "VHN-78631"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-0685"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-0685",
        "trust": 3.5
      },
      {
        "db": "SECTRACK",
        "id": "1032004",
        "trust": 1.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002067",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-037",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-02238",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "73470",
        "trust": 0.5
      },
      {
        "db": "VULHUB",
        "id": "VHN-78631",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-0685",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02238"
      },
      {
        "db": "VULHUB",
        "id": "VHN-78631"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-0685"
      },
      {
        "db": "BID",
        "id": "73470"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002067"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0685"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-037"
      }
    ]
  },
  "id": "VAR-201504-0266",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02238"
      },
      {
        "db": "VULHUB",
        "id": "VHN-78631"
      }
    ],
    "trust": 1.3328331633333332
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02238"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:30:22.034000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "38124",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38124"
      },
      {
        "title": "Patch for Cisco ASR1000 Series Router Denial of Service Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/57016"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02238"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002067"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-78631"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002067"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0685"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.7,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38124"
      },
      {
        "trust": 1.4,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0685"
      },
      {
        "trust": 1.2,
        "url": "http://www.securitytracker.com/id/1032004"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0685"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/20.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.securityfocus.com/bid/73470"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02238"
      },
      {
        "db": "VULHUB",
        "id": "VHN-78631"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-0685"
      },
      {
        "db": "BID",
        "id": "73470"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002067"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0685"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-037"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-02238"
      },
      {
        "db": "VULHUB",
        "id": "VHN-78631"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-0685"
      },
      {
        "db": "BID",
        "id": "73470"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002067"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-0685"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-037"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-04-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-02238"
      },
      {
        "date": "2015-04-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-78631"
      },
      {
        "date": "2015-04-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-0685"
      },
      {
        "date": "2015-03-31T00:00:00",
        "db": "BID",
        "id": "73470"
      },
      {
        "date": "2015-04-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-002067"
      },
      {
        "date": "2015-04-03T02:00:24.317000",
        "db": "NVD",
        "id": "CVE-2015-0685"
      },
      {
        "date": "2015-04-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201504-037"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-04-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-02238"
      },
      {
        "date": "2015-09-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-78631"
      },
      {
        "date": "2015-09-29T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-0685"
      },
      {
        "date": "2015-03-31T00:00:00",
        "db": "BID",
        "id": "73470"
      },
      {
        "date": "2015-04-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-002067"
      },
      {
        "date": "2015-09-29T19:30:42.867000",
        "db": "NVD",
        "id": "CVE-2015-0685"
      },
      {
        "date": "2015-04-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201504-037"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-037"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ASR 1000 Runs on series devices  Cisco IOS XE Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-002067"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201504-037"
      }
    ],
    "trust": 0.6
  }
}

CNVD-2015-02238

Vulnerability from cnvd - Published: 2015-04-09

Title

Cisco ASR1000系列路由器拒绝服务漏洞

Description

Cisco ASR1000系列汇聚服务路由器，提供了广域网边缘解决方案，将信息、通信、协作和商务融为一体。 Cisco ASR 1000未能正确处理路由邻居通告，未经身份验证的攻击者发送恶意的IP数据包到受影响设备，可造成设备停止响应。

Severity

中

Patch Name

Cisco ASR1000系列路由器拒绝服务漏洞的补丁

Patch Description

Cisco ASR1000系列汇聚服务路由器，提供了广域网边缘解决方案，将信息、通信、协作和商务融为一体。Cisco ASR 1000未能正确处理路由邻居通告，未经身份验证的攻击者发送恶意的IP数据包到受影响设备，可造成设备停止响应。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://tools.cisco.com/security/center/viewAlert.x?alertId=38124

Reference

http://tools.cisco.com/security/center/viewAlert.x?alertId=38124 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0685

Impacted products

Name
Cisco ASR 1000

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-0685"
    }
  },
  "description": "Cisco ASR1000\u7cfb\u5217\u6c47\u805a\u670d\u52a1\u8def\u7531\u5668\uff0c\u63d0\u4f9b\u4e86\u5e7f\u57df\u7f51\u8fb9\u7f18\u89e3\u51b3\u65b9\u6848\uff0c\u5c06\u4fe1\u606f\u3001\u901a\u4fe1\u3001\u534f\u4f5c\u548c\u5546\u52a1\u878d\u4e3a\u4e00\u4f53\u3002\r\n\r\nCisco ASR 1000\u672a\u80fd\u6b63\u786e\u5904\u7406\u8def\u7531\u90bb\u5c45\u901a\u544a\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u53d1\u9001\u6076\u610f\u7684IP\u6570\u636e\u5305\u5230\u53d7\u5f71\u54cd\u8bbe\u5907\uff0c\u53ef\u9020\u6210\u8bbe\u5907\u505c\u6b62\u54cd\u5e94\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://tools.cisco.com/security/center/viewAlert.x?alertId=38124",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-02238",
  "openTime": "2015-04-09",
  "patchDescription": "Cisco ASR1000\u7cfb\u5217\u6c47\u805a\u670d\u52a1\u8def\u7531\u5668\uff0c\u63d0\u4f9b\u4e86\u5e7f\u57df\u7f51\u8fb9\u7f18\u89e3\u51b3\u65b9\u6848\uff0c\u5c06\u4fe1\u606f\u3001\u901a\u4fe1\u3001\u534f\u4f5c\u548c\u5546\u52a1\u878d\u4e3a\u4e00\u4f53\u3002Cisco ASR 1000\u672a\u80fd\u6b63\u786e\u5904\u7406\u8def\u7531\u90bb\u5c45\u901a\u544a\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u53d1\u9001\u6076\u610f\u7684IP\u6570\u636e\u5305\u5230\u53d7\u5f71\u54cd\u8bbe\u5907\uff0c\u53ef\u9020\u6210\u8bbe\u5907\u505c\u6b62\u54cd\u5e94\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco ASR1000\u7cfb\u5217\u8def\u7531\u5668\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco ASR 1000"
  },
  "referenceLink": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38124\r\nhttps://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0685",
  "serverity": "\u4e2d",
  "submitTime": "2015-04-08",
  "title": "Cisco ASR1000\u7cfb\u5217\u8def\u7531\u5668\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

GHSA-3RMR-75JG-FQ5F

Vulnerability from github – Published: 2022-05-17 04:06 – Updated: 2022-05-17 04:06

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-0685"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-04-03T02:00:00Z",
    "severity": "HIGH"
  },
  "details": "Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873.",
  "id": "GHSA-3rmr-75jg-fq5f",
  "modified": "2022-05-17T04:06:30Z",
  "published": "2022-05-17T04:06:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0685"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38124"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1032004"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-0685 (GCVE-0-2015-0685)

GSD-2015-0685

FKIE_CVE-2015-0685

VAR-201504-0266

CNVD-2015-02238

GHSA-3RMR-75JG-FQ5F

Tags

Sightings

Nomenclature