Details of VAR-201503-0120

ID

VAR-201503-0120

CVE

CVE-2015-0640

TITLE

Cisco IOS XE of high-speed logging Service disruption in functionality (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-001946

DESCRIPTION

The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741. Cisco IOS is a popular Internet operating system. Cisco IOS XE Software is prone to multiple denial-of-service vulnerabilities. An attacker can exploit these issues to cause an affected device to reload, resulting in a denial of service condition. These issues are being tracked by Cisco Bug IDs CSCuo25741, CSCub68073, CSCua79665 and CSCuq59131. The vulnerability stems from the fact that the NAT and HSL features do not properly handle fragmented IP packets. The following releases are affected: Cisco IOS XE Release 2.x, Release 3.x prior to 3.10.4S, Release 3.11 prior to 3.11.3S, Release 3.12 prior to 3.12.1S, Release 3.13 prior to 3.13.0S, Release 3.14 prior to 3.14.0S, Version 3.15 before 3.15.0S

Trust: 2.52

sources: NVD: CVE-2015-0640 // JVNDB: JVNDB-2015-001946 // CNVD: CNVD-2015-02055 // BID: 73337 // VULHUB: VHN-78586

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2015-02055

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10s.1	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11s.1	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5s.2	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10s.2	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12s.0	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10s.0a	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9s.0	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10s.0	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5s.0	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9s.1	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	2.x	Trust: 1.4
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8s.0	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5s.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1s.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11s.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2s.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9s.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3s.0	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1s.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6s.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1s.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10s.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6s.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7s.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8s.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2s.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12s.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7s.7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7s.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11s.0	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3s.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7s.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7s.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2s.0	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7s.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1s.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3s.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2s.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7s.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1s.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1s.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6s.0	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7s.0	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8s.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1s.0	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	lt	version:	3.x	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	lt	version:	3.15	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	lt	version:	3.12	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.1s	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.0s	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	lt	version:	3.13	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.0s	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.3s	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	lt	version:	3.14	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.0s	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	lt	version:	3.11	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.4s	Trust: 0.8
vendor:	cisco	model:	ios xe 3.x	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe 3.11	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe 3.12	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe 3.13	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe 3.14	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe 3.15	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe 3.9s.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.9s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.9s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.8s.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.8s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.8s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.7s.7	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.7s.6	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.7s.5	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.7s.4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.7s.3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.7s.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.7s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.7s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.7s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.6s.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.6s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.6s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.6s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.5s.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.5s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.5s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.5s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.4s.6	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.4s.5	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.4s.4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.4s.3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.4s.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.4s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.4s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.3s.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.3s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.3s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.2s.3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.2s.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.2s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.2s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.1s.6	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.1s.5	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.1s.4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.1s.3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.1s.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.1s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.1s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.13s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.12s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.12s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.11s.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.11s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.11s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.10s.3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.10s.2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.10s.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.10s.0a	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe 3.10s.0	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2015-02055 // BID: 73337 // JVNDB: JVNDB-2015-001946 // CNNVD: CNNVD-201503-569 // NVD: CVE-2015-0640

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-0640
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-0640
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2015-02055
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201503-569
value:	HIGH
Trust: 0.6
VULHUB:	VHN-78586
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-0640
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2015-02055
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-78586
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2015-02055 // VULHUB: VHN-78586 // JVNDB: JVNDB-2015-001946 // CNNVD: CNNVD-201503-569 // NVD: CVE-2015-0640

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-78586 // JVNDB: JVNDB-2015-001946 // NVD: CVE-2015-0640

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201503-569

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201503-569

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-001946

PATCH

title:	37486	url:	http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=37486	Trust: 0.8
title:	cisco-sa-20150325-iosxe	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe	Trust: 0.8
title:	37822	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=37822	Trust: 0.8
title:	cisco-sa-20150325-iosxe	url:	http://www.cisco.com/cisco/web/support/JP/112/1128/1128882_cisco-sa-20150325-iosxe-j.html	Trust: 0.8
title:	Cisco IOS XE high-speed logging (HSL) Patch for handling large IP packet handling denial of service vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/56762	Trust: 0.6

sources: CNVD: CNVD-2015-02055 // JVNDB: JVNDB-2015-001946

EXTERNAL IDS

db:	NVD	id:	CVE-2015-0640	Trust: 3.4
db:	SECTRACK	id:	1031981	Trust: 1.1
db:	JVNDB	id:	JVNDB-2015-001946	Trust: 0.8
db:	CNNVD	id:	CNNVD-201503-569	Trust: 0.7
db:	CNVD	id:	CNVD-2015-02055	Trust: 0.6
db:	BID	id:	73337	Trust: 0.3
db:	VULHUB	id:	VHN-78586	Trust: 0.1

sources: CNVD: CNVD-2015-02055 // VULHUB: VHN-78586 // BID: 73337 // JVNDB: JVNDB-2015-001946 // CNNVD: CNNVD-201503-569 // NVD: CVE-2015-0640

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150325-iosxe	Trust: 2.6
url:	http://www.securitytracker.com/id/1031981	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0640	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0640	Trust: 0.8
url:	http://www.cisco.com/c/en/us/products/ios-nx-os-software/ios-xe/index.html	Trust: 0.3

sources: CNVD: CNVD-2015-02055 // VULHUB: VHN-78586 // BID: 73337 // JVNDB: JVNDB-2015-001946 // CNNVD: CNNVD-201503-569 // NVD: CVE-2015-0640

CREDITS

Cisco

Trust: 0.3

sources: BID: 73337

SOURCES

db:	CNVD	id:	CNVD-2015-02055
db:	VULHUB	id:	VHN-78586
db:	BID	id:	73337
db:	JVNDB	id:	JVNDB-2015-001946
db:	CNNVD	id:	CNNVD-201503-569
db:	NVD	id:	CVE-2015-0640

LAST UPDATE DATE

2024-11-23T22:08:09.682000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2015-02055	date:	2015-03-31T00:00:00
db:	VULHUB	id:	VHN-78586	date:	2015-09-04T00:00:00
db:	BID	id:	73337	date:	2015-03-25T00:00:00
db:	JVNDB	id:	JVNDB-2015-001946	date:	2015-03-30T00:00:00
db:	CNNVD	id:	CNNVD-201503-569	date:	2015-03-27T00:00:00
db:	NVD	id:	CVE-2015-0640	date:	2024-11-21T02:23:27.220

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2015-02055	date:	2015-03-31T00:00:00
db:	VULHUB	id:	VHN-78586	date:	2015-03-26T00:00:00
db:	BID	id:	73337	date:	2015-03-25T00:00:00
db:	JVNDB	id:	JVNDB-2015-001946	date:	2015-03-30T00:00:00
db:	CNNVD	id:	CNNVD-201503-569	date:	2015-03-27T00:00:00
db:	NVD	id:	CVE-2015-0640	date:	2015-03-26T10:59:06.270