CVE-2015-0688

Published Apr 4, 2015

Last updated 3 months ago

CVSS info 7.1

Overview

Description: Cisco IOS XE 3.10.2S on an ASR 1000 device with an Embedded Services Processor (ESP) module, when NAT is enabled, allows remote attackers to cause a denial of service (module crash) via malformed H.323 packets, aka Bug ID CSCup21070.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.1
Impact score: 6.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:13.10.2s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB106571-2F6B-4811-A724-568A71B54777"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:asr_1001:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BB1A55A9-55DE-4CAD-BD4D-5079C35246ED"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1001-x:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7ADA8D81-4A28-4420-8D6D-8D3082F58CB6"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1002:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BE910FAF-EE5C-4901-B5E1-22ADA9C0BB0B"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1002-x:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4652AC4B-B332-4C31-89F4-CA976FCECDCA"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1004:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "685AE30F-B420-4398-9AF3-67BF118C9B6A"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1006:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D2416CDB-19DE-42C4-863C-72DACBE97856"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1013:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9C47BA42-A7B2-4A15-8363-FEC9EA9AC6B8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References