Lucene search

[email protected]NVD:CVE-2015-6273

HistoryAug 29, 2015 - 1:59 a.m.

CVE-2015-6273

2015-08-2901:59:02

CWE-399

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.7

Confidence

High

EPSS

0.002

Percentile

56.0%

JSON

Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Reassembly (VFR) by certain firewall and NAT components, which allows remote attackers to cause a denial of service (Embedded Services Processor crash) via crafted IP packets, aka Bug IDs CSCtf87624, CSCte93229, CSCtd19103, and CSCti63623.

Affected configurations

Nvd

Node

ciscoios_xeMatch2.2.1

ciscoios_xeMatch2.2.2

ciscoios_xeMatch2.2.3

ciscoios_xeMatch3.1.0s

ciscoios_xeMatch3.1.1s

AND

ciscoasr_1001Match-

ciscoasr_1001-xMatch-

ciscoasr_1002Match-

ciscoasr_1002-xMatch-

ciscoasr_1004Match-

ciscoasr_1006Match-

ciscoasr_1013Match-

VendorProductVersionCPE
ciscoios_xe2.2.1cpe:2.3:o:cisco:ios_xe:2.2.1:*:*:*:*:*:*:*
ciscoios_xe2.2.2cpe:2.3:o:cisco:ios_xe:2.2.2:*:*:*:*:*:*:*
ciscoios_xe2.2.3cpe:2.3:o:cisco:ios_xe:2.2.3:*:*:*:*:*:*:*
ciscoios_xe3.1.0scpe:2.3:o:cisco:ios_xe:3.1.0s:*:*:*:*:*:*:*
ciscoios_xe3.1.1scpe:2.3:o:cisco:ios_xe:3.1.1s:*:*:*:*:*:*:*
ciscoasr_1001-cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*
ciscoasr_1001-x-cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*
ciscoasr_1002-cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*
ciscoasr_1002-x-cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*
ciscoasr_1004-cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xe	2.2.1	cpe:2.3:o:cisco:ios_xe:2.2.1:::::::*
cisco	ios_xe	2.2.2	cpe:2.3:o:cisco:ios_xe:2.2.2:::::::*
cisco	ios_xe	2.2.3	cpe:2.3:o:cisco:ios_xe:2.2.3:::::::*
cisco	ios_xe	3.1.0s	cpe:2.3:o:cisco:ios_xe:3.1.0s:::::::*
cisco	ios_xe	3.1.1s	cpe:2.3:o:cisco:ios_xe:3.1.1s:::::::*
cisco	asr_1001	-	cpe:2.3:h:cisco:asr_1001:-:::::::*
cisco	asr_1001-x	-	cpe:2.3:h:cisco:asr_1001-x:-:::::::*
cisco	asr_1002	-	cpe:2.3:h:cisco:asr_1002:-:::::::*
cisco	asr_1002-x	-	cpe:2.3:h:cisco:asr_1002-x:-:::::::*
cisco	asr_1004	-	cpe:2.3:h:cisco:asr_1004:-:::::::*

Rows per page:

1-10 of 121

References

tools.cisco.com/security/center/viewAlert.x?alertId=40690

www.securitytracker.com/id/1033408

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.7

Confidence

High

EPSS

0.002

Percentile

56.0%

JSON

Related for NVD:CVE-2015-6273

prion1 cvelist1 cve1