Lucene search

CiscoCISCO-SA-20150325-CIP

HistoryMar 25, 2015 - 4:00 p.m.

Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol

2015-03-2516:00:00

tools.cisco.com

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.002

Percentile

56.2%

JSON

The Cisco IOS Software implementation of the Common Industrial Protocol (CIP) feature contains the following vulnerabilities when processing crafted CIP packets that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition:

Cisco IOS Software UDP CIP Denial of Service Vulnerability
Cisco IOS Software TCP CIP Packet Memory Leak Vulnerability
Cisco IOS Software TCP CIP Denial of Service Vulnerability

These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others.

Successful exploitation of any of these vulnerabilities could allow an unauthenticated, remote attacker to cause a reload of the forwarding plane, resulting in an interruption of services on an affected device. Repeated exploitation could result in a sustained DoS condition.

Additionally, successful exploitation of Cisco IOS Software TCP CIP Packet Memory Leak Vulnerability could allow an unauthenticated, remote attacker to cause a memory leak on an affected device.

Cisco has released software updates that address these vulnerabilities. This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip”]

Note: The March 25, 2015, Cisco IOS & XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS & XE Software Security Advisory Bundled Publication at the following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html[“http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html”]

Affected configurations

Vulners

Node

ciscoiosMatch12.2se

ciscoiosMatch12.2ex

ciscoiosMatch15.0ey

ciscoiosMatch15.0se

ciscoiosMatch15.0ex

ciscoiosMatch15.3s

ciscoiosMatch15.0ea

ciscoiosMatch15.2e

ciscoiosMatch15.2jb

ciscoiosMatch15.2ey

ciscoiosMatch15.2jaz

ciscoiosMatch15.2ea

ciscoiosMatch15.3jn

ciscoiosMatch12.4jap

ciscoiosMatch15.3ja

ciscoiosMatch15.3jaa

ciscoiosMatch15.3jab

ciscoiosMatch15.3jnb

ciscoiosMatch12.2\(55\)se

ciscoiosMatch12.2\(46\)se2

ciscoiosMatch12.2\(50\)se2

ciscoiosMatch12.2\(50\)se1

ciscoiosMatch12.2\(50\)se5

ciscoiosMatch12.2\(55\)se3

ciscoiosMatch12.2\(52\)se

ciscoiosMatch12.2\(58\)se

ciscoiosMatch12.2\(50\)se3

ciscoiosMatch12.2\(52\)se1

ciscoiosMatch12.2\(46\)se1

ciscoiosMatch12.2\(50\)se4

ciscoiosMatch12.2\(50\)se

ciscoiosMatch12.2\(58\)se1

ciscoiosMatch12.2\(55\)se4

ciscoiosMatch12.2\(58\)se2

ciscoiosMatch12.2\(55\)se5

ciscoiosMatch12.2\(55\)se6

ciscoiosMatch12.2\(55\)se7

ciscoiosMatch12.2\(55\)se8

ciscoiosMatch12.2\(55\)se9

ciscoiosMatch12.2\(55\)se10

ciscoiosMatch12.2\(55\)se13

ciscoiosMatch12.2\(44\)ex

ciscoiosMatch12.2\(44\)ex1

ciscoiosMatch15.0\(1\)ey

ciscoiosMatch15.0\(1\)ey1

ciscoiosMatch15.0\(1\)ey2

ciscoiosMatch15.0\(2\)ey

ciscoiosMatch15.0\(2\)ey1

ciscoiosMatch15.0\(2\)ey2

ciscoiosMatch15.0\(2\)ey3

ciscoiosMatch15.0\(2\)se

ciscoiosMatch15.0\(2\)se1

ciscoiosMatch15.0\(2\)se2

ciscoiosMatch15.0\(2\)se3

ciscoiosMatch15.0\(2\)se4

ciscoiosMatch15.0\(2\)se5

ciscoiosMatch15.0\(2\)se6

ciscoiosMatch15.0\(2\)se7

ciscoiosMatch15.0\(2\)se8

ciscoiosMatch15.0\(2\)se9

ciscoiosMatch15.0\(2\)se10

ciscoiosMatch15.0\(2\)se11

ciscoiosMatch15.0\(2\)se10a

ciscoiosMatch15.0\(2\)se12

ciscoiosMatch15.0\(2\)ex2

ciscoiosMatch15.0\(2\)ex8

ciscoiosMatch15.3\(2\)s2

ciscoiosMatch15.0\(2\)ea

ciscoiosMatch15.0\(2\)ea1

ciscoiosMatch15.2\(2\)e

ciscoiosMatch15.2\(2\)e1

ciscoiosMatch15.2\(2b\)e

ciscoiosMatch15.2\(2\)jb1

ciscoiosMatch15.2\(1\)ey

ciscoiosMatch15.2\(4\)jaz

ciscoiosMatch15.2\(4\)jaz1

ciscoiosMatch15.2\(2\)ea

ciscoiosMatch15.2\(3\)ea

ciscoiosMatch15.3\(3\)jn

ciscoiosMatch12.4\(25e\)jap1m

ciscoiosMatch15.3\(3\)ja

ciscoiosMatch15.3\(3\)ja1n

ciscoiosMatch15.3\(3\)ja1m

ciscoiosMatch15.3\(3\)ja1

ciscoiosMatch15.3\(3\)ja2

ciscoiosMatch15.3\(3\)jaa

ciscoiosMatch15.3\(3\)jab

ciscoiosMatch15.3\(3\)jnb

VendorProductVersionCPE
ciscoios12.2secpe:2.3:o:cisco:ios:12.2se:*:*:*:*:*:*:*
ciscoios12.2excpe:2.3:o:cisco:ios:12.2ex:*:*:*:*:*:*:*
ciscoios15.0eycpe:2.3:o:cisco:ios:15.0ey:*:*:*:*:*:*:*
ciscoios15.0secpe:2.3:o:cisco:ios:15.0se:*:*:*:*:*:*:*
ciscoios15.0excpe:2.3:o:cisco:ios:15.0ex:*:*:*:*:*:*:*
ciscoios15.3scpe:2.3:o:cisco:ios:15.3s:*:*:*:*:*:*:*
ciscoios15.0eacpe:2.3:o:cisco:ios:15.0ea:*:*:*:*:*:*:*
ciscoios15.2ecpe:2.3:o:cisco:ios:15.2e:*:*:*:*:*:*:*
ciscoios15.2jbcpe:2.3:o:cisco:ios:15.2jb:*:*:*:*:*:*:*
ciscoios15.2eycpe:2.3:o:cisco:ios:15.2ey:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	12.2se	cpe:2.3:o:cisco:ios:12.2se:::::::*
cisco	ios	12.2ex	cpe:2.3:o:cisco:ios:12.2ex:::::::*
cisco	ios	15.0ey	cpe:2.3:o:cisco:ios:15.0ey:::::::*
cisco	ios	15.0se	cpe:2.3:o:cisco:ios:15.0se:::::::*
cisco	ios	15.0ex	cpe:2.3:o:cisco:ios:15.0ex:::::::*
cisco	ios	15.3s	cpe:2.3:o:cisco:ios:15.3s:::::::*
cisco	ios	15.0ea	cpe:2.3:o:cisco:ios:15.0ea:::::::*
cisco	ios	15.2e	cpe:2.3:o:cisco:ios:15.2e:::::::*
cisco	ios	15.2jb	cpe:2.3:o:cisco:ios:15.2jb:::::::*
cisco	ios	15.2ey	cpe:2.3:o:cisco:ios:15.2ey:::::::*