Lucene search
HistoryApr 04, 2015 - 1:59 a.m.
CVE-2015-0688
CVSS2
7.1
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
AI Score
6.6
Confidence
High
EPSS
0.002
Percentile
56.0%
Cisco IOS XE 3.10.2S on an ASR 1000 device with an Embedded Services Processor (ESP) module, when NAT is enabled, allows remote attackers to cause a denial of service (module crash) via malformed H.323 packets, aka Bug ID CSCup21070.
Affected configurations
Node
ciscoios_xeMatch13.10.2s
ciscoasr_1001
ORciscoasr_1001-x
ORciscoasr_1002
ORciscoasr_1002-x
ORciscoasr_1004
ORciscoasr_1006
ORciscoasr_1013
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | ios_xe | 13.10.2s | cpe:2.3:o:cisco:ios_xe:13.10.2s:*:*:*:*:*:*:* |
| cisco | asr_1001 | * | cpe:2.3:h:cisco:asr_1001:*:*:*:*:*:*:*:* |
| cisco | asr_1001-x | * | cpe:2.3:h:cisco:asr_1001-x:*:*:*:*:*:*:*:* |
| cisco | asr_1002 | * | cpe:2.3:h:cisco:asr_1002:*:*:*:*:*:*:*:* |
| cisco | asr_1002-x | * | cpe:2.3:h:cisco:asr_1002-x:*:*:*:*:*:*:*:* |
| cisco | asr_1004 | * | cpe:2.3:h:cisco:asr_1004:*:*:*:*:*:*:*:* |
| cisco | asr_1006 | * | cpe:2.3:h:cisco:asr_1006:*:*:*:*:*:*:*:* |
| cisco | asr_1013 | * | cpe:2.3:h:cisco:asr_1013:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-0688
2015-04-04 01:00:00
cve
cve
CVE-2015-0688
2015-04-04 01:59:02
prion
prion
Code injection
2015-04-04 01:59:00
nessus
nessus
Cisco IOS XE Software for 1000 Series Aggregation Services Routers H.323 DoS
2015-05-28 00:00:00
cisco
cisco
Cisco ASR1000 Series Routers ESP Module Denial of Service Vulnerability
2015-04-03 14:12:34
CVSS2
7.1
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
AI Score
6.6
Confidence
High
EPSS
0.002
Percentile
56.0%
Related for NVD:CVE-2015-0688