Lucene search

CiscoCISCO-SA-20150325-IOSXE

HistoryMar 25, 2015 - 4:00 p.m.

Multiple Vulnerabilities in Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers

2015-03-2516:00:00

tools.cisco.com

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.005 Low

EPSS

Percentile

76.1%

JSON

Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers (ASR), Cisco 4400 Series Integrated Services Routers (ISR), and Cisco Cloud Services Routers (CSR) 1000v Series contains the following vulnerabilities:

Cisco IOS XE Software Fragmented Packet Denial of Service Vulnerability
Cisco IOS XE Software Crafted TCP Packet Remote Code Execution Vulnerability
Cisco IOS XE Software Crafted IPv6 Packet Denial of Service Vulnerability
Cisco IOS XE Software Layer 4 Redirect Crafted Packet Denial of Service Vulnerability
Cisco IOS XE Software Common Flow Table Crafted Packet Denial of Service Vulnerability
These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others.

Successful exploitation of any of these vulnerabilities could allow an unauthenticated, remote attacker to trigger a reload of the forwarding plane, causing an interruption of services. Repeated exploitation could result in a sustained denial of service (DoS) condition.

Successful exploitation of Cisco IOS XE Software Crafted TCP Packet Remote Code Execution Vulnerability could allow an unauthenticated remote attacker to execute malicious code on the affected device.

Cisco has released software updates that address these vulnerabilities. This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe”]

Note: The March 25, 2015, Cisco IOS & XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS & XE Software Security Advisory Bundled Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html [“http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html”]

Affected configurations

Vulners

Node

ciscorvs4000_softwareMatch3.7s

ciscorvs4000_softwareMatch3.8s

ciscorvs4000_softwareMatch3.9s

ciscorvs4000_softwareMatch3.10s

ciscorvs4000_softwareMatch3.11s

ciscorvs4000_softwareMatch3.12s

ciscorvs4000_softwareMatch3.13s

ciscorvs4000_softwareMatch16.9

ciscorvs4000_softwareMatch17.1

ciscorvs4000_softwareMatch3.7.0s

ciscorvs4000_softwareMatch3.7.1s

ciscorvs4000_softwareMatch3.7.2s

ciscorvs4000_softwareMatch3.7.3s

ciscorvs4000_softwareMatch3.7.4s

ciscorvs4000_softwareMatch3.7.5s

ciscorvs4000_softwareMatch3.7.6s

ciscorvs4000_softwareMatch3.7.7s

ciscorvs4000_softwareMatch3.7.4as

ciscorvs4000_softwareMatch3.7.2ts

ciscorvs4000_softwareMatch3.7.0bs

ciscorvs4000_softwareMatch3.7.1as

ciscorvs4000_softwareMatch3.8.0s

ciscorvs4000_softwareMatch3.8.1s

ciscorvs4000_softwareMatch3.8.2s

ciscorvs4000_softwareMatch3.9.1s

ciscorvs4000_softwareMatch3.9.0s

ciscorvs4000_softwareMatch3.9.2s

ciscorvs4000_softwareMatch3.10.0s

ciscorvs4000_softwareMatch3.10.1s

ciscorvs4000_softwareMatch3.10.2s

ciscorvs4000_softwareMatch3.10.3s

ciscorvs4000_softwareMatch3.10.2as

ciscorvs4000_softwareMatch3.10.2ts

ciscorvs4000_softwareMatch3.11.1s

ciscorvs4000_softwareMatch3.11.2s

ciscorvs4000_softwareMatch3.11.0s

ciscorvs4000_softwareMatch3.12.0s

ciscorvs4000_softwareMatch3.12.1s

ciscorvs4000_softwareMatch3.12.0as

ciscorvs4000_softwareMatch3.13.0s

ciscorvs4000_softwareMatch3.13.0as

ciscorvs4000_softwareMatch16.9.4c

ciscorvs4000_softwareMatch17.1.1a

CPENameOperatorVersion
cisco ios xe softwareeq3.7S
cisco ios xe softwareeq3.8S
cisco ios xe softwareeq3.9S
cisco ios xe softwareeq3.10S
cisco ios xe softwareeq3.11S
cisco ios xe softwareeq3.12S
cisco ios xe softwareeq3.13S
cisco ios xe softwareeq16.9
cisco ios xe softwareeq17.1
cisco ios xe softwareeq3.7.0S

Name	Operator	Version
cisco ios xe software	eq	3.7S
cisco ios xe software	eq	3.8S
cisco ios xe software	eq	3.9S
cisco ios xe software	eq	3.10S
cisco ios xe software	eq	3.11S
cisco ios xe software	eq	3.12S
cisco ios xe software	eq	3.13S
cisco ios xe software	eq	16.9
cisco ios xe software	eq	17.1
cisco ios xe software	eq	3.7.0S