Lucene search

[email protected]CVE-2015-0695

HistoryApr 17, 2015 - 1:59 a.m.

CVE-2015-0695

2015-04-1701:59:26

CWE-19

CWE-399

[email protected]

web.nvd.nist.gov

cve-2015-0695

cisco

ios xr

asr 9000

urpf

pbr

qos

acl

bvi

denial of service

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.9%

JSON

Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial of service (chip and card hangs and reloads) by triggering use of a BVI interface for IPv4 packets, aka Bug ID CSCur62957.

Affected configurations

NVD

Node

ciscoios_xrMatch4.3.0

ciscoios_xrMatch4.3.1

ciscoios_xrMatch4.3.2

ciscoios_xrMatch4.3.3

ciscoios_xrMatch5.1.0

ciscoios_xrMatch5.1.1

ciscoios_xrMatch5.1.2

ciscoios_xrMatch5.2.0

ciscoios_xrMatch5.2.1

AND

ciscoasr_9001Match-

ciscoasr_9006Match-

ciscoasr_9010Match-

ciscoasr_9904Match-

ciscoasr_9912Match-

ciscoasr_9922Match-

CPENameOperatorVersion
cisco:ios_xrcisco ios xreq4.3.0
cisco:ios_xrcisco ios xreq4.3.1
cisco:ios_xrcisco ios xreq4.3.2
cisco:ios_xrcisco ios xreq4.3.3
cisco:ios_xrcisco ios xreq5.1.0
cisco:ios_xrcisco ios xreq5.1.1
cisco:ios_xrcisco ios xreq5.1.2
cisco:ios_xrcisco ios xreq5.2.0
cisco:ios_xrcisco ios xreq5.2.1

CPE	Name	Operator	Version
cisco:ios_xr	cisco ios xr	eq	4.3.0
cisco:ios_xr	cisco ios xr	eq	4.3.1
cisco:ios_xr	cisco ios xr	eq	4.3.2
cisco:ios_xr	cisco ios xr	eq	4.3.3
cisco:ios_xr	cisco ios xr	eq	5.1.0
cisco:ios_xr	cisco ios xr	eq	5.1.1
cisco:ios_xr	cisco ios xr	eq	5.1.2
cisco:ios_xr	cisco ios xr	eq	5.2.0
cisco:ios_xr	cisco ios xr	eq	5.2.1