CVE-2015-0688
Published Apr 4, 2015
Last updated 9 years ago
Overview
- Description
- Cisco IOS XE 3.10.2S on an ASR 1000 device with an Embedded Services Processor (ESP) module, when NAT is enabled, allows remote attackers to cause a denial of service (module crash) via malformed H.323 packets, aka Bug ID CSCup21070.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.1
- Impact score
- 6.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-399
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:13.10.2s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB106571-2F6B-4811-A724-568A71B54777"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_1001:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BB1A55A9-55DE-4CAD-BD4D-5079C35246ED"
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7ADA8D81-4A28-4420-8D6D-8D3082F58CB6"
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BE910FAF-EE5C-4901-B5E1-22ADA9C0BB0B"
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4652AC4B-B332-4C31-89F4-CA976FCECDCA"
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "685AE30F-B420-4398-9AF3-67BF118C9B6A"
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D2416CDB-19DE-42C4-863C-72DACBE97856"
},
{
"criteria": "cpe:2.3:h:cisco:asr_1013:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9C47BA42-A7B2-4A15-8363-FEC9EA9AC6B8"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]