Lucene search

[email protected]CVE-2015-6273

HistoryAug 29, 2015 - 1:59 a.m.

CVE-2015-6273

2015-08-2901:59:02

CWE-399

[email protected]

web.nvd.nist.gov

cve-2015-6273

cisco ios xe

asr 1000

denial of service

vfr

bug ids

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.2%

JSON

Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Reassembly (VFR) by certain firewall and NAT components, which allows remote attackers to cause a denial of service (Embedded Services Processor crash) via crafted IP packets, aka Bug IDs CSCtf87624, CSCte93229, CSCtd19103, and CSCti63623.

Affected configurations

NVD

Node

ciscoios_xeMatch2.2.1

ciscoios_xeMatch2.2.2

ciscoios_xeMatch2.2.3

ciscoios_xeMatch3.1.0s

ciscoios_xeMatch3.1.1s

AND

ciscoasr_1001Match-

ciscoasr_1001-xMatch-

ciscoasr_1002Match-

ciscoasr_1002-xMatch-

ciscoasr_1004Match-

ciscoasr_1006Match-

ciscoasr_1013Match-

CPENameOperatorVersion
cisco:ios_xecisco ios xeeq2.2.1
cisco:ios_xecisco ios xeeq2.2.2
cisco:ios_xecisco ios xeeq2.2.3
cisco:ios_xecisco ios xeeq3.1.0s
cisco:ios_xecisco ios xeeq3.1.1s

CPE	Name	Operator	Version
cisco:ios_xe	cisco ios xe	eq	2.2.1
cisco:ios_xe	cisco ios xe	eq	2.2.2
cisco:ios_xe	cisco ios xe	eq	2.2.3
cisco:ios_xe	cisco ios xe	eq	3.1.0s
cisco:ios_xe	cisco ios xe	eq	3.1.1s

References

tools.cisco.com/security/center/viewAlert.x?alertId=40690

www.securitytracker.com/id/1033408

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.2%

JSON

Related for CVE-2015-6273

prion1 cvelist1 nvd1