Lucene search

CiscoCVE-2015-6272

HistoryAug 31, 2015 - 8:59 p.m.

CVE-2015-6272

2015-08-3120:59:06

CWE-399

cisco

web.nvd.nist.gov

cve-2015-6272

cisco

ios xe

asr 1000

nat

alg

denial of service

vulnerability

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.002

Percentile

56.0%

JSON

Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted H.323 packet, aka Bug ID CSCsx35393, CSCsx07094, and CSCsw93064.

Affected configurations

Nvd

Node

ciscoios_xeMatch2.1.0

ciscoios_xeMatch2.1.1

ciscoios_xeMatch2.1.2

ciscoios_xeMatch2.1.3

ciscoios_xeMatch2.2.1

ciscoios_xeMatch2.2.2

ciscoios_xeMatch2.2.3

ciscoios_xeMatch2.3.0

AND

ciscoasr_1001Match-

ciscoasr_1001-xMatch-

ciscoasr_1002Match-

ciscoasr_1002-xMatch-

ciscoasr_1004Match-

ciscoasr_1006Match-

ciscoasr_1013Match-

VendorProductVersionCPE
ciscoios_xe2.1.0cpe:2.3:o:cisco:ios_xe:2.1.0:*:*:*:*:*:*:*
ciscoios_xe2.1.1cpe:2.3:o:cisco:ios_xe:2.1.1:*:*:*:*:*:*:*
ciscoios_xe2.1.2cpe:2.3:o:cisco:ios_xe:2.1.2:*:*:*:*:*:*:*
ciscoios_xe2.1.3cpe:2.3:o:cisco:ios_xe:2.1.3:*:*:*:*:*:*:*
ciscoios_xe2.2.1cpe:2.3:o:cisco:ios_xe:2.2.1:*:*:*:*:*:*:*
ciscoios_xe2.2.2cpe:2.3:o:cisco:ios_xe:2.2.2:*:*:*:*:*:*:*
ciscoios_xe2.2.3cpe:2.3:o:cisco:ios_xe:2.2.3:*:*:*:*:*:*:*
ciscoios_xe2.3.0cpe:2.3:o:cisco:ios_xe:2.3.0:*:*:*:*:*:*:*
ciscoasr_1001-cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*
ciscoasr_1001-x-cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xe	2.1.0	cpe:2.3:o:cisco:ios_xe:2.1.0:::::::*
cisco	ios_xe	2.1.1	cpe:2.3:o:cisco:ios_xe:2.1.1:::::::*
cisco	ios_xe	2.1.2	cpe:2.3:o:cisco:ios_xe:2.1.2:::::::*
cisco	ios_xe	2.1.3	cpe:2.3:o:cisco:ios_xe:2.1.3:::::::*
cisco	ios_xe	2.2.1	cpe:2.3:o:cisco:ios_xe:2.2.1:::::::*
cisco	ios_xe	2.2.2	cpe:2.3:o:cisco:ios_xe:2.2.2:::::::*
cisco	ios_xe	2.2.3	cpe:2.3:o:cisco:ios_xe:2.2.3:::::::*
cisco	ios_xe	2.3.0	cpe:2.3:o:cisco:ios_xe:2.3.0:::::::*
cisco	asr_1001	-	cpe:2.3:h:cisco:asr_1001:-:::::::*
cisco	asr_1001-x	-	cpe:2.3:h:cisco:asr_1001-x:-:::::::*

Rows per page:

1-10 of 151

References

tools.cisco.com/security/center/viewAlert.x?alertId=40689

www.securitytracker.com/id/1033410

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.002

Percentile

56.0%

JSON

Related for CVE-2015-6272