FKIE_CVE-2015-0638

Vulnerability from fkie_nvd - Published: 2015-03-26 10:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is configured, allows remote attackers to cause a denial of service (interface queue wedge) via crafted ICMPv4 packets, aka Bug ID CSCsi02145.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedgeVendor Advisory
psirt@cisco.comhttp://www.securitytracker.com/id/1031983
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedgeVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031983
Impacted products
Vendor Product Version
cisco ios 12.2\(33\)ird1
cisco ios 12.2\(33\)ire3
cisco ios 12.2\(33\)sxi4b
cisco ios 12.2\(44\)sq1
cisco ios 12.4\(25e\)jam1
cisco ios 12.4\(25e\)jap1m
cisco ios 12.4\(25e\)jaz1
cisco ios 15.0\(2\)ed1
cisco ios 15.2\(1\)ex
cisco ios 15.2\(2\)gc
cisco ios 15.2\(2\)ja
cisco ios 15.2\(2\)ja1
cisco ios 15.2\(2\)jax
cisco ios 15.2\(2\)jax1
cisco ios 15.2\(2\)jb
cisco ios 15.2\(2\)jb1
cisco ios 15.2\(2\)jb2
cisco ios 15.2\(2\)jb3
cisco ios 15.2\(2\)jb4
cisco ios 15.2\(2\)jn1
cisco ios 15.2\(2\)jn2
cisco ios 15.2\(2\)t
cisco ios 15.2\(2\)t1
cisco ios 15.2\(2\)t2
cisco ios 15.2\(2\)t3
cisco ios 15.2\(2\)t4
cisco ios 15.2\(3\)t
cisco ios 15.3\(2\)s2
cisco ios 15.3\(3\)ja1n
cisco ios 15.3\(3\)jab1
cisco ios 15.3\(3\)jn
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)ird1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACA00878-FA42-4234-B3CD-F2F07F7CE9EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)ire3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B785F54A-DD27-4422-8F25-0A6EB3E36EEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi4b:*:*:*:*:*:*:*",
              "matchCriteriaId": "95470E1A-2FEC-41DA-8259-EE4F890A32B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(44\\)sq1:*:*:*:*:*:*:*",
              "matchCriteriaId": "742DA70E-6FF9-451D-9E62-F81EFB0BEB6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jam1:*:*:*:*:*:*:*",
              "matchCriteriaId": "30FFBD57-E751-42C8-AE89-CD2073F45688",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jap1m:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4D3B067-46F9-460B-A3EB-7FCA3DDA7E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jaz1:*:*:*:*:*:*:*",
              "matchCriteriaId": "81CA75FF-8C2E-4D9C-BE57-34EF801C28D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ed1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D3C419-D1FF-45E8-A5B1-AFFC59567478",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)ex:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E92C269-3C17-4C9D-970F-E9C8EE709ADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)gc:*:*:*:*:*:*:*",
              "matchCriteriaId": "C89D14BC-1718-4AE9-B107-1709C2CE965E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)ja:*:*:*:*:*:*:*",
              "matchCriteriaId": "72A45595-A97C-4B72-9ED4-7F431F041627",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)ja1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CBF7035-E936-44A3-B196-6946AEB466A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jax:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F95DC51-220F-41F9-BC48-E010746C2D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jax1:*:*:*:*:*:*:*",
              "matchCriteriaId": "09A7A51A-98DD-416E-82EB-CBB824D3C789",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F81AACB-C3F9-454F-A31D-E985451B0105",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E15A69BF-50B6-42BE-9F44-7A7EBA28CC6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb2:*:*:*:*:*:*:*",
              "matchCriteriaId": "853F31A7-E4A7-41DC-B6C6-36D5C665B7AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDC473A4-39F2-4F32-B268-B9282B0B7823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF758B9D-7E81-4B27-865C-7CE675D38228",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jn1:*:*:*:*:*:*:*",
              "matchCriteriaId": "455FEA02-5E9A-4B73-8E93-6D0BF778E954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jn2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D276149-6D16-4C8D-8D7F-BAD72D7C78BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)t:*:*:*:*:*:*:*",
              "matchCriteriaId": "73B24B56-CCD1-4DD0-B042-C6296338BAAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)t1:*:*:*:*:*:*:*",
              "matchCriteriaId": "632FFFE6-5FF5-478C-8C57-A6590840219E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)t2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1246D88-D206-453B-8EB6-A9848BB09781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)t3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9AEA886-C40F-4C2E-86F5-A4A8707E7DF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)t4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E759D97-682F-4EFC-9885-14B1CBC80C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)t:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D89FF8-F1AF-43A9-894F-2B57A3A415D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(2\\)s2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7E5969-E55B-4EBF-ADDE-8A969174E03D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1n:*:*:*:*:*:*:*",
              "matchCriteriaId": "49DAE7DA-E0D3-4434-AD75-C8894D939A83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jab1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBEF7B94-3510-48FA-B783-1BF1C23C2C0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn:*:*:*:*:*:*:*",
              "matchCriteriaId": "32E6CCE7-88BB-4F4F-9253-EC67B5076767",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is configured, allows remote attackers to cause a denial of service (interface queue wedge) via crafted ICMPv4 packets, aka Bug ID CSCsi02145."
    },
    {
      "lang": "es",
      "value": "Cisco IOS 12.2, 12.4, 15.0, 15.2, y 15.3, cuando una interfaz VRF est\u00e1 configurado, permite a atacantes remotos causar una denegaci\u00f3n de servicio (presi\u00f3n en la cola de la interfaz) a trav\u00e9s de paquetes ICMPv4 manipulados, tambi\u00e9n conocido como Bug ID CSCsi02145."
    }
  ],
  "id": "CVE-2015-0638",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-03-26T10:59:04.443",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1031983"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031983"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.