Lucene search

[email protected]NVD:CVE-2015-0695

HistoryApr 17, 2015 - 1:59 a.m.

CVE-2015-0695

2015-04-1701:59:26

CWE-399

CWE-19

[email protected]

web.nvd.nist.gov

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.8%

JSON

Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial of service (chip and card hangs and reloads) by triggering use of a BVI interface for IPv4 packets, aka Bug ID CSCur62957.

Affected configurations

NVD

Node

ciscoios_xrMatch4.3.0

ciscoios_xrMatch4.3.1

ciscoios_xrMatch4.3.2

ciscoios_xrMatch4.3.3

ciscoios_xrMatch5.1.0

ciscoios_xrMatch5.1.1

ciscoios_xrMatch5.1.2

ciscoios_xrMatch5.2.0

ciscoios_xrMatch5.2.1

AND

ciscoasr_9001Match-

ciscoasr_9006Match-

ciscoasr_9010Match-

ciscoasr_9904Match-

ciscoasr_9912Match-

ciscoasr_9922Match-

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-iosxr

www.securityfocus.com/bid/74162

www.securitytracker.com/id/1032139

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.8%

JSON

Related for NVD:CVE-2015-0695

cve1 cisco1 prion1 cvelist1 nessus1 openvas1 securityvulns1