Lucene search

CiscoCVE-2015-0609

HistoryFeb 16, 2015 - 12:59 a.m.

CVE-2015-0609

2015-02-1600:59:05

CWE-362

cisco

web.nvd.nist.gov

cisco

ios

cve-2015-0609

race condition

vulnerability

security

denial of service

cisco express forwarding

nvd

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.014

Percentile

86.2%

JSON

Race condition in the Common Classification Engine (CCE) in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCuj96752.

Affected configurations

Nvd

Node

ciscoiosRange≤15.4\(2\)t3

ciscoiosMatch15.4\(1\)t

ciscoiosMatch15.4\(1\)t1

ciscoiosMatch15.4\(1\)t2

ciscoiosMatch15.4\(1\)t3

ciscoiosMatch15.4\(1\)t4

ciscoiosMatch15.4\(2\)t

ciscoiosMatch15.4\(2\)t1

ciscoiosMatch15.4\(2\)t2

ciscoiosMatch15.4t

VendorProductVersionCPE
ciscoios*cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
ciscoios15.4(1)tcpe:2.3:o:cisco:ios:15.4\(1\)t:*:*:*:*:*:*:*
ciscoios15.4(1)t1cpe:2.3:o:cisco:ios:15.4\(1\)t1:*:*:*:*:*:*:*
ciscoios15.4(1)t2cpe:2.3:o:cisco:ios:15.4\(1\)t2:*:*:*:*:*:*:*
ciscoios15.4(1)t3cpe:2.3:o:cisco:ios:15.4\(1\)t3:*:*:*:*:*:*:*
ciscoios15.4(1)t4cpe:2.3:o:cisco:ios:15.4\(1\)t4:*:*:*:*:*:*:*
ciscoios15.4(2)tcpe:2.3:o:cisco:ios:15.4\(2\)t:*:*:*:*:*:*:*
ciscoios15.4(2)t1cpe:2.3:o:cisco:ios:15.4\(2\)t1:*:*:*:*:*:*:*
ciscoios15.4(2)t2cpe:2.3:o:cisco:ios:15.4\(2\)t2:*:*:*:*:*:*:*
ciscoios15.4tcpe:2.3:o:cisco:ios:15.4t:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	*	cpe:2.3:o:cisco:ios::::::::
cisco	ios	15.4(1)t	cpe:2.3:o:cisco:ios:15.4\(1\)t:::::::*
cisco	ios	15.4(1)t1	cpe:2.3:o:cisco:ios:15.4\(1\)t1:::::::*
cisco	ios	15.4(1)t2	cpe:2.3:o:cisco:ios:15.4\(1\)t2:::::::*
cisco	ios	15.4(1)t3	cpe:2.3:o:cisco:ios:15.4\(1\)t3:::::::*
cisco	ios	15.4(1)t4	cpe:2.3:o:cisco:ios:15.4\(1\)t4:::::::*
cisco	ios	15.4(2)t	cpe:2.3:o:cisco:ios:15.4\(2\)t:::::::*
cisco	ios	15.4(2)t1	cpe:2.3:o:cisco:ios:15.4\(2\)t1:::::::*
cisco	ios	15.4(2)t2	cpe:2.3:o:cisco:ios:15.4\(2\)t2:::::::*
cisco	ios	15.4t	cpe:2.3:o:cisco:ios:15.4t:::::::*

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0609

tools.cisco.com/security/center/viewAlert.x?alertId=37420

www.securityfocus.com/bid/72564

www.securitytracker.com/id/1031731

exchange.xforce.ibmcloud.com/vulnerabilities/100809

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.014

Percentile

86.2%

JSON

Related for CVE-2015-0609