Lucene search
HistoryApr 04, 2015 - 1:59 a.m.
CVE-2015-0688
cisco
ios xe
asr 1000
esp module
denial of service
h.323
cscup21070
cve-2015-0688
7.1 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
6.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
56.2%
Cisco IOS XE 3.10.2S on an ASR 1000 device with an Embedded Services Processor (ESP) module, when NAT is enabled, allows remote attackers to cause a denial of service (module crash) via malformed H.323 packets, aka Bug ID CSCup21070.
Affected configurations
Node
ciscoios_xeMatch13.10.2s
ciscoasr_1001
ORciscoasr_1001-x
ORciscoasr_1002
ORciscoasr_1002-x
ORciscoasr_1004
ORciscoasr_1006
ORciscoasr_1013
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco:ios_xe | cisco ios xe | eq | 13.10.2s |
Related
cvelist
cvelist
CVE-2015-0688
2015-04-04 01:00:00
nvd
nvd
CVE-2015-0688
2015-04-04 01:59:02
prion
prion
Code injection
2015-04-04 01:59:00
nessus
nessus
Cisco IOS XE Software for 1000 Series Aggregation Services Routers H.323 DoS
2015-05-28 00:00:00
cisco
cisco
Cisco ASR1000 Series Routers ESP Module Denial of Service Vulnerability
2015-04-03 14:12:34
7.1 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
6.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
56.2%
Related for CVE-2015-0688