FKIE_CVE-2015-0637
Vulnerability from fkie_nvd - Published: 2015-03-26 10:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) via spoofed AN messages, aka Bug ID CSCup62315.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe | 3.10s.0 | |
| cisco | ios_xe | 3.10s.1 | |
| cisco | ios_xe | 3.10s.2 | |
| cisco | ios_xe | 3.10s.3 | |
| cisco | ios_xe | 3.10s.4 | |
| cisco | ios_xe | 3.11s.0 | |
| cisco | ios_xe | 3.11s.1 | |
| cisco | ios_xe | 3.11s.2 | |
| cisco | ios_xe | 3.11s.3 | |
| cisco | ios_xe | 3.12s.0 | |
| cisco | ios_xe | 3.12s.1 | |
| cisco | ios_xe | 3.12s.2 | |
| cisco | ios_xe | 3.13s.0 | |
| cisco | ios | 12.2\(33\)ird1 | |
| cisco | ios | 12.2\(33\)ire3 | |
| cisco | ios | 12.2\(33\)sxi4b | |
| cisco | ios | 12.2\(44\)sq1 | |
| cisco | ios | 12.4\(25e\)jam1 | |
| cisco | ios | 12.4\(25e\)jap1m | |
| cisco | ios | 12.4\(25e\)jaz1 | |
| cisco | ios | 15.0\(2\)ed1 | |
| cisco | ios | 15.2\(1\)ex | |
| cisco | ios | 15.2\(2\)jb1 | |
| cisco | ios | 15.3\(2\)s2 | |
| cisco | ios | 15.3\(3\)ja1n | |
| cisco | ios | 15.3\(3\)jab1 | |
| cisco | ios | 15.3\(3\)jn | |
| cisco | ios | 15.3\(3\)jnb | |
| cisco | ios | 15.3\(3\)s | |
| cisco | ios | 15.3\(3\)s1 | |
| cisco | ios | 15.3\(3\)s2 | |
| cisco | ios | 15.3\(3\)s3 | |
| cisco | ios | 15.3\(3\)s4 | |
| cisco | ios | 15.4\(1\)s | |
| cisco | ios | 15.4\(1\)s1 | |
| cisco | ios | 15.4\(1\)s2 | |
| cisco | ios | 15.4\(1\)s3 | |
| cisco | ios | 15.4\(2\)s | |
| cisco | ios | 15.4\(2\)s1 | |
| cisco | ios | 15.4\(2\)s2 | |
| cisco | ios | 15.4\(3\)s |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C1C77A7-FCD5-4558-A351-081D6678DB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24C948D8-C540-4FF1-A9F7-BFB20E5541FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7AF1294B-B4F6-40CC-A115-942B18CDA361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B72E6572-FF41-4606-9DA5-FA486D591A58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B74B72D9-AB41-4D98-BEF5-3CA37F68F645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0A98DFE-18FF-455A-AFA6-49960CB98C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.1:*:*:*:*:*:*:*",
"matchCriteriaId": "277C9543-A842-45AB-A2EF-DB2F8412D748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6C942D30-8344-425E-804E-E1BB1F1F0D22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7382973-7673-4D6E-8716-AFDE2EB04C94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5E6FF1A-D90D-412A-8159-E766DC14FA57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.1:*:*:*:*:*:*:*",
"matchCriteriaId": "84E6DEE6-50EF-4333-B0B9-964A633734D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D83A5AC0-C583-4B2E-8F08-989B3EF3F4EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.13s.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28303ADA-1B8E-42F6-9CD1-A457D863727B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)ird1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA00878-FA42-4234-B3CD-F2F07F7CE9EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)ire3:*:*:*:*:*:*:*",
"matchCriteriaId": "B785F54A-DD27-4422-8F25-0A6EB3E36EEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi4b:*:*:*:*:*:*:*",
"matchCriteriaId": "95470E1A-2FEC-41DA-8259-EE4F890A32B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(44\\)sq1:*:*:*:*:*:*:*",
"matchCriteriaId": "742DA70E-6FF9-451D-9E62-F81EFB0BEB6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jam1:*:*:*:*:*:*:*",
"matchCriteriaId": "30FFBD57-E751-42C8-AE89-CD2073F45688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jap1m:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D3B067-46F9-460B-A3EB-7FCA3DDA7E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jaz1:*:*:*:*:*:*:*",
"matchCriteriaId": "81CA75FF-8C2E-4D9C-BE57-34EF801C28D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ed1:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D3C419-D1FF-45E8-A5B1-AFFC59567478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)ex:*:*:*:*:*:*:*",
"matchCriteriaId": "9E92C269-3C17-4C9D-970F-E9C8EE709ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb1:*:*:*:*:*:*:*",
"matchCriteriaId": "E15A69BF-50B6-42BE-9F44-7A7EBA28CC6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(2\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "6B7E5969-E55B-4EBF-ADDE-8A969174E03D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1n:*:*:*:*:*:*:*",
"matchCriteriaId": "49DAE7DA-E0D3-4434-AD75-C8894D939A83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jab1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBEF7B94-3510-48FA-B783-1BF1C23C2C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn:*:*:*:*:*:*:*",
"matchCriteriaId": "32E6CCE7-88BB-4F4F-9253-EC67B5076767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC3CD43-F30A-484B-9285-D925C1262212",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "AB84CE04-F2D0-4A37-B2BA-25126D1824D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "E32C83FA-EBE9-4A84-B34A-25BBA4D47E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "63ACFACC-23B7-4EAC-BDC0-E3C403642D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s3:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3A95D5-157D-4335-87B4-8DA080A496FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E613BC4-AC20-4E43-8FB3-2EE9F0A2610D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "237D305E-016D-4E84-827C-44D04E3E0999",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "E993A32E-D2AF-4519-B4C9-7F576649D20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "7260A66D-D477-440E-9A87-C05F9BD9E67C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s3:*:*:*:*:*:*:*",
"matchCriteriaId": "31059ED1-4D82-43D7-8EF7-042125289CF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "4151B2B1-B17F-4F1D-A211-34C7DB84E442",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s1:*:*:*:*:*:*:*",
"matchCriteriaId": "37B550C9-B2E4-44EE-8E0B-54D150C69A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s2:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBBA614-74E7-43C7-8D33-ADF4BD79D477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)s:*:*:*:*:*:*:*",
"matchCriteriaId": "C63FF7C4-D9CE-4D6C-B36E-0C0DC06F453E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) via spoofed AN messages, aka Bug ID CSCup62315."
},
{
"lang": "es",
"value": "La implemenatci\u00f3n Autonomic Networking Infrastructure (ANI) en Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, y 15.4 y IOS XE 3.10.xS hasta 3.13.xS anterior a 3.13.1S permite a atacantes remotos causar una denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de mensajes AN falsificados, tambi\u00e9n conocido como Bug ID CSCup62315."
}
],
"id": "CVE-2015-0637",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-26T10:59:03.427",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securitytracker.com/id/1031982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031982"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…