CVE-2015-0672

2015-03-2610:59:15

CWE-399

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

56.0%

JSON

The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denial of service (service outage) via a flood of crafted DHCP packets, aka Bug ID CSCup67822.

Affected configurations

Nvd

Node

ciscoios_xrMatch5.2.2

AND

ciscoasr_9001Match-

ciscoasr_9006Match-

ciscoasr_9010Match-

ciscoasr_9904Match-

ciscoasr_9912Match-

ciscoasr_9922Match-

VendorProductVersionCPE
ciscoios_xr5.2.2cpe:2.3:o:cisco:ios_xr:5.2.2:*:*:*:*:*:*:*
ciscoasr_9001-cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*
ciscoasr_9006-cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*
ciscoasr_9010-cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*
ciscoasr_9904-cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*
ciscoasr_9912-cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*
ciscoasr_9922-cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xr	5.2.2	cpe:2.3:o:cisco:ios_xr:5.2.2:::::::*
cisco	asr_9001	-	cpe:2.3:h:cisco:asr_9001:-:::::::*
cisco	asr_9006	-	cpe:2.3:h:cisco:asr_9006:-:::::::*
cisco	asr_9010	-	cpe:2.3:h:cisco:asr_9010:-:::::::*
cisco	asr_9904	-	cpe:2.3:h:cisco:asr_9904:-:::::::*
cisco	asr_9912	-	cpe:2.3:h:cisco:asr_9912:-:::::::*
cisco	asr_9922	-	cpe:2.3:h:cisco:asr_9922:-:::::::*