Details of VAR-201503-0117

ID

VAR-201503-0117

CVE

CVE-2015-0637

TITLE

Cisco IOS and IOS XE of Autonomic Networking Infrastructure Service disruption in implementations (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-001943

DESCRIPTION

The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) via spoofed AN messages, aka Bug ID CSCup62315. Vendors have confirmed this vulnerability Bug ID CSCup62315 It is released as.Camouflaged by a third party AN Service disruption via message ( Device reload ) There is a possibility of being put into a state. Cisco IOS is a popular Internet operating system. An attacker can exploit these issues to cause an affected device to reload, resulting in a denial of service condition. This issue is being tracked by Cisco Bug ID CSCup62315

Trust: 2.52

sources: NVD: CVE-2015-0637 // JVNDB: JVNDB-2015-001943 // CNVD: CNVD-2015-02086 // BID: 73339 // VULHUB: VHN-78583

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2015-02086

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10s.1	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)ja1n	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(25e\)jap1m	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(1\)s3	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(2\)s2	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11s.1	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jab1	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10s.2	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10s.0	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jnb	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2	Trust: 1.4
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(2\)s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11s.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(2\)s2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)jb1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10s.3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13s.0	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(33\)ird1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(1\)ex	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12s.0	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(33\)ire3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(25e\)jam1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ed1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(44\)sq1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(1\)s1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11s.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12s.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11s.0	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)jn	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(33\)sxi4b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(25e\)jaz1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(1\)s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12s.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10s.4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(2\)s1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(1\)s2	Trust: 1.0
vendor:	cisco	model:	ios 15.4 s	scope:	-	version:	-	Trust: 0.9
vendor:	cisco	model:	ios xe	scope:	lt	version:	3.13.xs	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	15.2	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	15.0	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	12.4	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.xs	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.1s	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.xs	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	15.3	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	15.4	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.xs	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	15.0-15.4	Trust: 0.6
vendor:	cisco	model:	ios xe 3.10.xs-3.13.xs	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 15.4 sn1	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 15.4 s2	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 15.4 s1	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 15.3 s2	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe 3.13s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.12s.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.12s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.12s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.12s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.11s.3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.11s.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.11s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.11s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.10s.4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.10s.3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.10s.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.10s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.10s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 15.3 s2a	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.4sn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.4s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.4 sn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.4 s3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.3s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.3jnb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.3jn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.3jab	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.3ja	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.3 s4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.3 s3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.3 s1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.3 s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.3 jnb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.3 jn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.3 jab1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.3 ja1n	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2jb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2ex	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2 jb1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2 ex	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.0ed	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.0 ed1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4jaz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4jap	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4jam	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4 jaz1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4 jap1m	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4 jam1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ire	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ird	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 sq1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 sxi4b	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 ire3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 ird1	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2015-02086 // BID: 73339 // JVNDB: JVNDB-2015-001943 // CNNVD: CNNVD-201503-566 // NVD: CVE-2015-0637

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-0637
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-0637
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2015-02086
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201503-566
value:	HIGH
Trust: 0.6
VULHUB:	VHN-78583
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-0637
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2015-02086
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-78583
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2015-02086 // VULHUB: VHN-78583 // JVNDB: JVNDB-2015-001943 // CNNVD: CNNVD-201503-566 // NVD: CVE-2015-0637

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-78583 // JVNDB: JVNDB-2015-001943 // NVD: CVE-2015-0637

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201503-566

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201503-566

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-001943

PATCH

title:	cisco-sa-20150325-ani	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani	Trust: 0.8
title:	37813	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=37813	Trust: 0.8
title:	Patch for Cisco IOS/IOS XE Malformed AN Message Handling Denial of Service Vulnerability (CNVD-2015-02086)	url:	https://www.cnvd.org.cn/patchInfo/show/56794	Trust: 0.6

sources: CNVD: CNVD-2015-02086 // JVNDB: JVNDB-2015-001943

EXTERNAL IDS

db:	NVD	id:	CVE-2015-0637	Trust: 3.4
db:	SECTRACK	id:	1031982	Trust: 1.1
db:	JVNDB	id:	JVNDB-2015-001943	Trust: 0.8
db:	CNNVD	id:	CNNVD-201503-566	Trust: 0.7
db:	CNVD	id:	CNVD-2015-02086	Trust: 0.6
db:	BID	id:	73339	Trust: 0.4
db:	VULHUB	id:	VHN-78583	Trust: 0.1

sources: CNVD: CNVD-2015-02086 // VULHUB: VHN-78583 // BID: 73339 // JVNDB: JVNDB-2015-001943 // CNNVD: CNNVD-201503-566 // NVD: CVE-2015-0637

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150325-ani	Trust: 2.6
url:	http://www.securitytracker.com/id/1031982	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0637	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0637	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=37813	Trust: 0.3

sources: CNVD: CNVD-2015-02086 // VULHUB: VHN-78583 // BID: 73339 // JVNDB: JVNDB-2015-001943 // CNNVD: CNNVD-201503-566 // NVD: CVE-2015-0637

CREDITS

Cisco

Trust: 0.3

sources: BID: 73339

SOURCES

db:	CNVD	id:	CNVD-2015-02086
db:	VULHUB	id:	VHN-78583
db:	BID	id:	73339
db:	JVNDB	id:	JVNDB-2015-001943
db:	CNNVD	id:	CNNVD-201503-566
db:	NVD	id:	CVE-2015-0637

LAST UPDATE DATE

2024-11-23T22:27:11.474000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2015-02086	date:	2015-04-07T00:00:00
db:	VULHUB	id:	VHN-78583	date:	2015-10-01T00:00:00
db:	BID	id:	73339	date:	2015-03-25T00:00:00
db:	JVNDB	id:	JVNDB-2015-001943	date:	2015-03-30T00:00:00
db:	CNNVD	id:	CNNVD-201503-566	date:	2015-03-27T00:00:00
db:	NVD	id:	CVE-2015-0637	date:	2024-11-21T02:23:26.887

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2015-02086	date:	2015-03-31T00:00:00
db:	VULHUB	id:	VHN-78583	date:	2015-03-26T00:00:00
db:	BID	id:	73339	date:	2015-03-25T00:00:00
db:	JVNDB	id:	JVNDB-2015-001943	date:	2015-03-30T00:00:00
db:	CNNVD	id:	CNNVD-201503-566	date:	2015-03-27T00:00:00
db:	NVD	id:	CVE-2015-0637	date:	2015-03-26T10:59:03.427