ID
VAR-201504-0288
CVE
CVE-2015-0709
TITLE
Cisco IOS and IOS XE Service disruption in (DoS) Vulnerabilities
Trust: 0.8
DESCRIPTION
Cisco IOS 15.5S and IOS XE allow remote authenticated users to cause a denial of service (device crash) by leveraging knowledge of the RADIUS secret and sending crafted RADIUS packets, aka Bug ID CSCur21348. Cisco IOS and IOS XE There is a service disruption ( Device crash ) There are vulnerabilities that are put into a state. Both Cisco IOS and IOS-XE are operating systems developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS 15.5S and IOS-XE that caused the program to fail to process RADIUS packets correctly. A remote attacker could exploit the vulnerability to cause a denial of service (device crash). This issue is being tracked by Cisco Bug ID CSCur21348
Trust: 2.61
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.5s | Trust: 2.4 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.5\(3\)s | Trust: 1.6 |
| vendor: | cisco | model: | ios xe | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | cisco | model: | ios xe | scope: | - | version: | - | Trust: 1.4 |
| vendor: | cisco | model: | ios 15.5s | scope: | - | version: | - | Trust: 0.9 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.5(3)s | Trust: 0.8 |
| vendor: | cisco | model: | ios xe | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | ios 15.5 s | scope: | - | version: | - | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-399 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
resource management error
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | 38544 | url: | http://tools.cisco.com/security/center/viewAlert.x?alertId=38544 | Trust: 0.8 |
| title: | Patch for Cisco IOS and IOS-XE Denial of Service Vulnerability (CNVD-2015-02813) | url: | https://www.cnvd.org.cn/patchInfo/show/57890 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2015-0709 | Trust: 3.5 |
| db: | SECTRACK | id: | 1032211 | Trust: 1.2 |
| db: | JVNDB | id: | JVNDB-2015-002510 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201504-569 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2015-02813 | Trust: 0.6 |
| db: | BID | id: | 74381 | Trust: 0.4 |
| db: | VULHUB | id: | VHN-78655 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2015-0709 | Trust: 0.1 |
REFERENCES
| url: | http://tools.cisco.com/security/center/viewalert.x?alertid=38544 | Trust: 2.7 |
| url: | https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0709 | Trust: 1.4 |
| url: | http://www.securitytracker.com/id/1032211 | Trust: 1.2 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0709 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
| url: | https://cwe.mitre.org/data/definitions/399.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
CREDITS
Cisco
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2015-02813 |
| db: | VULHUB | id: | VHN-78655 |
| db: | VULMON | id: | CVE-2015-0709 |
| db: | BID | id: | 74381 |
| db: | JVNDB | id: | JVNDB-2015-002510 |
| db: | CNNVD | id: | CNNVD-201504-569 |
| db: | NVD | id: | CVE-2015-0709 |
LAST UPDATE DATE
2024-11-23T21:44:19.075000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2015-02813 | date: | 2015-04-30T00:00:00 |
| db: | VULHUB | id: | VHN-78655 | date: | 2015-09-10T00:00:00 |
| db: | VULMON | id: | CVE-2015-0709 | date: | 2015-09-10T00:00:00 |
| db: | BID | id: | 74381 | date: | 2015-04-28T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-002510 | date: | 2015-04-30T00:00:00 |
| db: | CNNVD | id: | CNNVD-201504-569 | date: | 2015-04-29T00:00:00 |
| db: | NVD | id: | CVE-2015-0709 | date: | 2024-11-21T02:23:34.743 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2015-02813 | date: | 2015-04-30T00:00:00 |
| db: | VULHUB | id: | VHN-78655 | date: | 2015-04-29T00:00:00 |
| db: | VULMON | id: | CVE-2015-0709 | date: | 2015-04-29T00:00:00 |
| db: | BID | id: | 74381 | date: | 2015-04-28T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-002510 | date: | 2015-04-30T00:00:00 |
| db: | CNNVD | id: | CNNVD-201504-569 | date: | 2015-04-29T00:00:00 |
| db: | NVD | id: | CVE-2015-0709 | date: | 2015-04-29T01:59:01.353 |