Lucene search

[email protected]CVE-2015-0635

HistoryMar 26, 2015 - 10:59 a.m.

CVE-2015-0635

2015-03-2610:59:00

CWE-20

[email protected]

web.nvd.nist.gov

cisco

ani

autonomic networking

spoofing

denial of service

vulnerability

cve-2015-0635

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:P/I:P/A:C

6.7 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.9%

JSON

The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191.

Affected configurations

NVD

Node

ciscoios_xeMatch3.10s.0

ciscoios_xeMatch3.10s.1

ciscoios_xeMatch3.10s.2

ciscoios_xeMatch3.10s.3

ciscoios_xeMatch3.10s.4

ciscoios_xeMatch3.10s.5

ciscoios_xeMatch3.11s.0

ciscoios_xeMatch3.11s.1

ciscoios_xeMatch3.11s.2

ciscoios_xeMatch3.11s.3

ciscoios_xeMatch3.12s.0

ciscoios_xeMatch3.12s.1

ciscoios_xeMatch3.12s.2

ciscoios_xeMatch3.13s.0

Node

ciscoiosMatch12.2\(33\)ird1

ciscoiosMatch12.2\(33\)ire3

ciscoiosMatch12.2\(33\)sxi4b

ciscoiosMatch12.2\(44\)sq1

ciscoiosMatch12.4\(25e\)jam1

ciscoiosMatch12.4\(25e\)jap1m

ciscoiosMatch12.4\(25e\)jaz1

ciscoiosMatch15.0\(2\)ed1

ciscoiosMatch15.2\(1\)ex

ciscoiosMatch15.2\(2\)jb1

ciscoiosMatch15.3\(2\)s2

ciscoiosMatch15.3\(3\)ja1n

ciscoiosMatch15.3\(3\)jab1

ciscoiosMatch15.3\(3\)jn

ciscoiosMatch15.3\(3\)jnb

ciscoiosMatch15.3\(3\)s

ciscoiosMatch15.3\(3\)s1

ciscoiosMatch15.3\(3\)s2

ciscoiosMatch15.3\(3\)s3

ciscoiosMatch15.3\(3\)s4

ciscoiosMatch15.3\(3\)s5

ciscoiosMatch15.4\(1\)s

ciscoiosMatch15.4\(1\)s1

ciscoiosMatch15.4\(1\)s2

ciscoiosMatch15.4\(1\)s3

ciscoiosMatch15.4\(2\)s

ciscoiosMatch15.4\(2\)s1

ciscoiosMatch15.4\(2\)s2

ciscoiosMatch15.4\(3\)s

CPENameOperatorVersion
cisco:ios_xecisco ios xeeq3.10s.0
cisco:ios_xecisco ios xeeq3.10s.1
cisco:ios_xecisco ios xeeq3.10s.2
cisco:ios_xecisco ios xeeq3.10s.3
cisco:ios_xecisco ios xeeq3.10s.4
cisco:ios_xecisco ios xeeq3.10s.5
cisco:ios_xecisco ios xeeq3.11s.0
cisco:ios_xecisco ios xeeq3.11s.1
cisco:ios_xecisco ios xeeq3.11s.2
cisco:ios_xecisco ios xeeq3.11s.3

CPE	Name	Operator	Version
cisco:ios_xe	cisco ios xe	eq	3.10s.0
cisco:ios_xe	cisco ios xe	eq	3.10s.1
cisco:ios_xe	cisco ios xe	eq	3.10s.2
cisco:ios_xe	cisco ios xe	eq	3.10s.3
cisco:ios_xe	cisco ios xe	eq	3.10s.4
cisco:ios_xe	cisco ios xe	eq	3.10s.5
cisco:ios_xe	cisco ios xe	eq	3.11s.0
cisco:ios_xe	cisco ios xe	eq	3.11s.1
cisco:ios_xe	cisco ios xe	eq	3.11s.2
cisco:ios_xe	cisco ios xe	eq	3.11s.3