Lucene search

CiscoCVE-2015-0687

HistoryApr 03, 2015 - 2:00 a.m.

CVE-2015-0687

2015-04-0302:00:25

CWE-399

cisco

web.nvd.nist.gov

cisco

ios

snmp

vulnerability

denial of service

cisco catalyst 4500

vss

remote authentication

bug id

cscuq04574

cve-2015-0687

CVSS2

6.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

43.8%

JSON

The SNMP implementation in Cisco IOS 15.1(2)SG4 on Catalyst 4500 devices, when single-switch Virtual Switching System (VSS) is configured, allows remote authenticated users to cause a denial of service (device crash) by performing SNMP polling, aka Bug ID CSCuq04574.

Affected configurations

Nvd

Node

ciscoiosMatch15.1\(2\)sg4

ciscoiosMatch15.1sg

AND

ciscocatalyst_4503

ciscocatalyst_4503-e

ciscocatalyst_4506-e

ciscocatalyst_4507r\+e

ciscocatalyst_4507r-e

ciscocatalyst_4510r\+e

ciscocatalyst_4510r-e

VendorProductVersionCPE
ciscoios15.1(2)sg4cpe:2.3:o:cisco:ios:15.1\(2\)sg4:*:*:*:*:*:*:*
ciscoios15.1sgcpe:2.3:o:cisco:ios:15.1sg:*:*:*:*:*:*:*
ciscocatalyst_4503*cpe:2.3:h:cisco:catalyst_4503:*:*:*:*:*:*:*:*
ciscocatalyst_4503-e*cpe:2.3:h:cisco:catalyst_4503-e:*:*:*:*:*:*:*:*
ciscocatalyst_4506-e*cpe:2.3:h:cisco:catalyst_4506-e:*:*:*:*:*:*:*:*
ciscocatalyst_4507r\+e*cpe:2.3:h:cisco:catalyst_4507r\+e:*:*:*:*:*:*:*:*
ciscocatalyst_4507r-e*cpe:2.3:h:cisco:catalyst_4507r-e:*:*:*:*:*:*:*:*
ciscocatalyst_4510r\+e*cpe:2.3:h:cisco:catalyst_4510r\+e:*:*:*:*:*:*:*:*
ciscocatalyst_4510r-e*cpe:2.3:h:cisco:catalyst_4510r-e:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	15.1(2)sg4	cpe:2.3:o:cisco:ios:15.1\(2\)sg4:::::::*
cisco	ios	15.1sg	cpe:2.3:o:cisco:ios:15.1sg:::::::*
cisco	catalyst_4503	*	cpe:2.3:h:cisco:catalyst_4503::::::::
cisco	catalyst_4503-e	*	cpe:2.3:h:cisco:catalyst_4503-e::::::::
cisco	catalyst_4506-e	*	cpe:2.3:h:cisco:catalyst_4506-e::::::::
cisco	catalyst_4507r\+e	*	cpe:2.3:h:cisco:catalyst_4507r\+e::::::::
cisco	catalyst_4507r-e	*	cpe:2.3:h:cisco:catalyst_4507r-e::::::::
cisco	catalyst_4510r\+e	*	cpe:2.3:h:cisco:catalyst_4510r\+e::::::::
cisco	catalyst_4510r-e	*	cpe:2.3:h:cisco:catalyst_4510r-e::::::::

References

tools.cisco.com/security/center/viewAlert.x?alertId=38194

www.securitytracker.com/id/1032022

CVSS2

6.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

43.8%

JSON

Related for CVE-2015-0687