CVE-2015-0635

Published Mar 26, 2015
Last updated 4 months ago
CVSS info 9.0
Overview

Description: The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191.
Source: ykramarz@cisco.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 9
Impact score: 8.5
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:C
Weaknesses

nvd@nist.gov: CWE-20
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C1C77A7-FCD5-4558-A351-081D6678DB21"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24C948D8-C540-4FF1-A9F7-BFB20E5541FE"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7AF1294B-B4F6-40CC-A115-942B18CDA361"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B72E6572-FF41-4606-9DA5-FA486D591A58"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B74B72D9-AB41-4D98-BEF5-3CA37F68F645"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FC3A52D-50B6-44F0-A20B-09EE462EB0BD"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0A98DFE-18FF-455A-AFA6-49960CB98C85"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "277C9543-A842-45AB-A2EF-DB2F8412D748"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C942D30-8344-425E-804E-E1BB1F1F0D22"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7382973-7673-4D6E-8716-AFDE2EB04C94"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5E6FF1A-D90D-412A-8159-E766DC14FA57"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84E6DEE6-50EF-4333-B0B9-964A633734D1"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D83A5AC0-C583-4B2E-8F08-989B3EF3F4EF"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.13s.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28303ADA-1B8E-42F6-9CD1-A457D863727B"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)ird1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACA00878-FA42-4234-B3CD-F2F07F7CE9EA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)ire3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B785F54A-DD27-4422-8F25-0A6EB3E36EEA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi4b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95470E1A-2FEC-41DA-8259-EE4F890A32B5"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2\\(44\\)sq1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "742DA70E-6FF9-451D-9E62-F81EFB0BEB6C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jam1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30FFBD57-E751-42C8-AE89-CD2073F45688"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jap1m:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4D3B067-46F9-460B-A3EB-7FCA3DDA7E3E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jaz1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81CA75FF-8C2E-4D9C-BE57-34EF801C28D5"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ed1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5D3C419-D1FF-45E8-A5B1-AFFC59567478"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)ex:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E92C269-3C17-4C9D-970F-E9C8EE709ADA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E15A69BF-50B6-42BE-9F44-7A7EBA28CC6D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(2\\)s2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B7E5969-E55B-4EBF-ADDE-8A969174E03D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1n:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49DAE7DA-E0D3-4434-AD75-C8894D939A83"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jab1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBEF7B94-3510-48FA-B783-1BF1C23C2C0C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32E6CCE7-88BB-4F4F-9253-EC67B5076767"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BC3CD43-F30A-484B-9285-D925C1262212"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB84CE04-F2D0-4A37-B2BA-25126D1824D8"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E32C83FA-EBE9-4A84-B34A-25BBA4D47E3F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63ACFACC-23B7-4EAC-BDC0-E3C403642D88"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F3A95D5-157D-4335-87B4-8DA080A496FF"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E613BC4-AC20-4E43-8FB3-2EE9F0A2610D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D54B325-22D5-4F21-BE28-BE28F6135FBF"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "237D305E-016D-4E84-827C-44D04E3E0999"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E993A32E-D2AF-4519-B4C9-7F576649D20F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7260A66D-D477-440E-9A87-C05F9BD9E67C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31059ED1-4D82-43D7-8EF7-042125289CF1"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4151B2B1-B17F-4F1D-A211-34C7DB84E442"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37B550C9-B2E4-44EE-8E0B-54D150C69A0F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEBBA614-74E7-43C7-8D33-ADF4BD79D477"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C63FF7C4-D9CE-4D6C-B36E-0C0DC06F453E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
