CVE-2015-0712

2015-05-0110:59:01

CWE-399

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.7

Confidence

High

EPSS

0.002

Percentile

56.0%

JSON

The session-manager service in Cisco StarOS 12.0, 12.2(300), 14.0, and 14.0(600) on ASR 5000 devices allows remote attackers to cause a denial of service (service reload and packet loss) via malformed HTTP packets, aka Bug ID CSCud14217.

Affected configurations

Nvd

Node

ciscostarosMatch12.0

ciscostarosMatch12.2\(300\)

ciscostarosMatch14.0

ciscostarosMatch14.0\(600\)

AND

ciscoasr_5000Match-

ciscoasr_5500Match-

ciscoasr_5700Match-

VendorProductVersionCPE
ciscostaros12.0cpe:2.3:o:cisco:staros:12.0:*:*:*:*:*:*:*
ciscostaros12.2(300)cpe:2.3:o:cisco:staros:12.2\(300\):*:*:*:*:*:*:*
ciscostaros14.0cpe:2.3:o:cisco:staros:14.0:*:*:*:*:*:*:*
ciscostaros14.0(600)cpe:2.3:o:cisco:staros:14.0\(600\):*:*:*:*:*:*:*
ciscoasr_5000-cpe:2.3:h:cisco:asr_5000:-:*:*:*:*:*:*:*
ciscoasr_5500-cpe:2.3:h:cisco:asr_5500:-:*:*:*:*:*:*:*
ciscoasr_5700-cpe:2.3:h:cisco:asr_5700:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	staros	12.0	cpe:2.3:o:cisco:staros:12.0:::::::*
cisco	staros	12.2(300)	cpe:2.3:o:cisco:staros:12.2\(300\):::::::*
cisco	staros	14.0	cpe:2.3:o:cisco:staros:14.0:::::::*
cisco	staros	14.0(600)	cpe:2.3:o:cisco:staros:14.0\(600\):::::::*
cisco	asr_5000	-	cpe:2.3:h:cisco:asr_5000:-:::::::*
cisco	asr_5500	-	cpe:2.3:h:cisco:asr_5500:-:::::::*
cisco	asr_5700	-	cpe:2.3:h:cisco:asr_5700:-:::::::*