VAR-201503-0120
Vulnerability from variot - Updated: 2023-12-18 12:57The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741. Cisco IOS is a popular Internet operating system. Cisco IOS XE Software is prone to multiple denial-of-service vulnerabilities. An attacker can exploit these issues to cause an affected device to reload, resulting in a denial of service condition. These issues are being tracked by Cisco Bug IDs CSCuo25741, CSCub68073, CSCua79665 and CSCuq59131. The vulnerability stems from the fact that the NAT and HSL features do not properly handle fragmented IP packets. The following releases are affected: Cisco IOS XE Release 2.x, Release 3.x prior to 3.10.4S, Release 3.11 prior to 3.11.3S, Release 3.12 prior to 3.12.1S, Release 3.13 prior to 3.13.0S, Release 3.14 prior to 3.14.0S, Version 3.15 before 3.15.0S
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201503-0120",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.11s.1"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.10s.1"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.10s.0a"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.10s.0"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.5s.2"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.12s.0"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.5s.0"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.10s.2"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.9s.1"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.9s.0"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.4,
"vendor": "cisco",
"version": "2.x"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1s.3"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s.0"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.11s.2"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1s.2"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s.7"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2s.2"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6s.2"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1s.1"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s.1"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1s.5"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2s.3"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9s.2"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s.6"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1s.4"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s.2"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s.3"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3s.2"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s.4"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1s.6"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.12s.1"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s.5"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6s.0"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2s.1"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.11s.0"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2s.0"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8s.1"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5s.1"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s.3"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3s.0"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3s.1"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6s.1"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1s.0"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8s.0"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8s.2"
},
{
"model": "ios xe",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "ios xe",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "3.15"
},
{
"model": "ios xe",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "3.12"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.12.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.13.0s"
},
{
"model": "ios xe",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "3.13"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.15.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.11.3s"
},
{
"model": "ios xe",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "3.14"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.14.0s"
},
{
"model": "ios xe",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "3.11"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.10.4s"
},
{
"model": "ios xe 3.x",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.11",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.12",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.13",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.14",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.15",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.9s.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.9s.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.9s.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.8s.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.8s.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.8s.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.7s.7",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.7s.6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.7s.5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.7s.4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.7s.3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.7s.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.7s.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.7s.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.7s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.6s.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.6s.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.6s.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.6s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.5s.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.5s.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.5s.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.5s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.4s.6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.4s.5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.4s.4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.4s.3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.4s.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.4s.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.4s.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.3s.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.3s.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.3s.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.2s.3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.2s.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.2s.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.2s.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.1s.6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.1s.5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.1s.4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.1s.3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.1s.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.1s.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.1s.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.13s.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.12s.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.12s.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.11s.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.11s.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.11s.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.10s.3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.10s.2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.10s.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.10s.0a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios xe 3.10s.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02055"
},
{
"db": "BID",
"id": "73337"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001946"
},
{
"db": "NVD",
"id": "CVE-2015-0640"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-569"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1s.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1s.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5s.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7s.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7s.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.9s.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10s.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.12s.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10s.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1s.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2s.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2s.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2s.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3s.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3s.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7s.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7s.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.8s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.8s.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.8s.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7s.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.9s.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.11s.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.12s.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1s.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.2s.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5s.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6s.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6s.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6s.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10s.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10s.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.10s.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.11s.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.3s.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1s.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.6s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.5s.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7s.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.8s.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.9s.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.11s.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7s.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1s.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.1s.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.7s.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0640"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "73337"
}
],
"trust": 0.3
},
"cve": "CVE-2015-0640",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-0640",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-02055",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-78586",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-0640",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2015-02055",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201503-569",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-78586",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02055"
},
{
"db": "VULHUB",
"id": "VHN-78586"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001946"
},
{
"db": "NVD",
"id": "CVE-2015-0640"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-569"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741. Cisco IOS is a popular Internet operating system. Cisco IOS XE Software is prone to multiple denial-of-service vulnerabilities. \nAn attacker can exploit these issues to cause an affected device to reload, resulting in a denial of service condition. \nThese issues are being tracked by Cisco Bug IDs CSCuo25741, CSCub68073, CSCua79665 and CSCuq59131. The vulnerability stems from the fact that the NAT and HSL features do not properly handle fragmented IP packets. The following releases are affected: Cisco IOS XE Release 2.x, Release 3.x prior to 3.10.4S, Release 3.11 prior to 3.11.3S, Release 3.12 prior to 3.12.1S, Release 3.13 prior to 3.13.0S, Release 3.14 prior to 3.14.0S, Version 3.15 before 3.15.0S",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0640"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001946"
},
{
"db": "CNVD",
"id": "CNVD-2015-02055"
},
{
"db": "BID",
"id": "73337"
},
{
"db": "VULHUB",
"id": "VHN-78586"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0640",
"trust": 3.4
},
{
"db": "SECTRACK",
"id": "1031981",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001946",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201503-569",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-02055",
"trust": 0.6
},
{
"db": "BID",
"id": "73337",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-78586",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02055"
},
{
"db": "VULHUB",
"id": "VHN-78586"
},
{
"db": "BID",
"id": "73337"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001946"
},
{
"db": "NVD",
"id": "CVE-2015-0640"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-569"
}
]
},
"id": "VAR-201503-0120",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02055"
},
{
"db": "VULHUB",
"id": "VHN-78586"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02055"
}
]
},
"last_update_date": "2023-12-18T12:57:48.099000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "37486",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewambalert.x?alertid=37486"
},
{
"title": "cisco-sa-20150325-iosxe",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150325-iosxe"
},
{
"title": "37822",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=37822"
},
{
"title": "cisco-sa-20150325-iosxe",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/jp/112/1128/1128882_cisco-sa-20150325-iosxe-j.html"
},
{
"title": "Cisco IOS XE high-speed logging (HSL) Patch for handling large IP packet handling denial of service vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/56762"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02055"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001946"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78586"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001946"
},
{
"db": "NVD",
"id": "CVE-2015-0640"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150325-iosxe"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031981"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0640"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0640"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/c/en/us/products/ios-nx-os-software/ios-xe/index.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02055"
},
{
"db": "VULHUB",
"id": "VHN-78586"
},
{
"db": "BID",
"id": "73337"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001946"
},
{
"db": "NVD",
"id": "CVE-2015-0640"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-569"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-02055"
},
{
"db": "VULHUB",
"id": "VHN-78586"
},
{
"db": "BID",
"id": "73337"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001946"
},
{
"db": "NVD",
"id": "CVE-2015-0640"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-569"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02055"
},
{
"date": "2015-03-26T00:00:00",
"db": "VULHUB",
"id": "VHN-78586"
},
{
"date": "2015-03-25T00:00:00",
"db": "BID",
"id": "73337"
},
{
"date": "2015-03-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001946"
},
{
"date": "2015-03-26T10:59:06.270000",
"db": "NVD",
"id": "CVE-2015-0640"
},
{
"date": "2015-03-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-569"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02055"
},
{
"date": "2015-09-04T00:00:00",
"db": "VULHUB",
"id": "VHN-78586"
},
{
"date": "2015-03-25T00:00:00",
"db": "BID",
"id": "73337"
},
{
"date": "2015-03-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001946"
},
{
"date": "2015-09-04T18:51:13.420000",
"db": "NVD",
"id": "CVE-2015-0640"
},
{
"date": "2015-03-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-569"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-569"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS XE of high-speed logging Service disruption in functionality (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001946"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-569"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…