CVE-2015-0631

Published Feb 21, 2015

Last updated 10 years ago

Overview

Description: Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688.
Source: ykramarz@cisco.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.1
Impact score: 6.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-362

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.2\\(1\\)e4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC0E024F-9E6A-4CC3-AA35-71D919FFE422"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ips_sensor_software:7.2\\(2\\)e4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEE4ECF3-881A-43A5-BBE2-4DCACD399EC5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:ids_4210:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8F16322D-1B9A-4378-8A19-AD108FAC7D07"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ids_4215:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "79D91EA2-CD3F-4C3C-B052-72ADDE6D79A3"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ids_4220:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "56161609-806D-4FF6-9B0B-E2AD491D7066"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ids_4230:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E021E32E-F237-4249-BC22-7226FDD158D1"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ids_4235:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "909D1328-04C6-4870-B7BA-6ED45F15FF38"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ids_4250:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "10446949-EDCA-4775-B8CA-AB8FC32B8EF6"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ids_4250_xl:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "24ABF6DE-3A80-4D1D-801E-20F5CF26C68A"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ips_4240:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "661A7A3E-09E3-44DA-AEB5-8021BCEF30EF"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ips_4255:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4A2BCB3B-CE33-4B96-A125-8E7001845A5C"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ips_4260:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1C3637DA-60C8-4F15-8906-F67ADA344A18"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ips_4270:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "78AE85C6-12A9-4FF6-84CD-C9A197A846F4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References