Lucene search

[email protected]CVE-2015-4291

HistoryAug 01, 2015 - 1:59 a.m.

CVE-2015-4291

2015-08-0101:59:16

CWE-399

[email protected]

web.nvd.nist.gov

cve-2015-4291

cisco

asr 1000

denial of service

ipv4

ipv6

nvd

vulnerability

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.2%

JSON

Cisco IOS XE 2.x before 2.4.3 and 2.5.x before 2.5.1 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted series of fragmented (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCtd72617.

Affected configurations

NVD

Node

ciscoios_xeMatch2.1.0

ciscoios_xeMatch2.1.1

ciscoios_xeMatch2.1.2

ciscoios_xeMatch2.2.1

ciscoios_xeMatch2.2.2

ciscoios_xeMatch2.2.3

ciscoios_xeMatch2.3.0

ciscoios_xeMatch2.3.0t

ciscoios_xeMatch2.3.1t

ciscoios_xeMatch2.3.2

ciscoios_xeMatch2.4.0

ciscoios_xeMatch2.4.1

ciscoios_xeMatch2.5.0

CPENameOperatorVersion
cisco:ios_xecisco ios xeeq2.1.0
cisco:ios_xecisco ios xeeq2.1.1
cisco:ios_xecisco ios xeeq2.1.2
cisco:ios_xecisco ios xeeq2.2.1
cisco:ios_xecisco ios xeeq2.2.2
cisco:ios_xecisco ios xeeq2.2.3
cisco:ios_xecisco ios xeeq2.3.0
cisco:ios_xecisco ios xeeq2.3.0t
cisco:ios_xecisco ios xeeq2.3.1t
cisco:ios_xecisco ios xeeq2.3.2

CPE	Name	Operator	Version
cisco:ios_xe	cisco ios xe	eq	2.1.0
cisco:ios_xe	cisco ios xe	eq	2.1.1
cisco:ios_xe	cisco ios xe	eq	2.1.2
cisco:ios_xe	cisco ios xe	eq	2.2.1
cisco:ios_xe	cisco ios xe	eq	2.2.2
cisco:ios_xe	cisco ios xe	eq	2.2.3
cisco:ios_xe	cisco ios xe	eq	2.3.0
cisco:ios_xe	cisco ios xe	eq	2.3.0t
cisco:ios_xe	cisco ios xe	eq	2.3.1t
cisco:ios_xe	cisco ios xe	eq	2.3.2