CVE-2015-0695

Published Apr 17, 2015

Last updated 8 years ago

Overview

Description: Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial of service (chip and card hangs and reloads) by triggering use of a BVI interface for IPv4 packets, aka Bug ID CSCur62957.
Source: ykramarz@cisco.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-19

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:4.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "074571B4-65EF-451A-89DC-0797F6E4BFEA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:4.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D909532E-85F5-4201-8BFF-561A21998D97"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:4.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73D962D3-563F-4CDE-B51D-224D7995FBC9"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:4.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06028637-0F8D-4554-8465-7C70EE3B0944"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:5.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9839DC3C-8B8A-49D5-9E50-BB7C4BCE5878"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:5.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12A14B46-0EC9-4FE4-AD28-F0F7861465B1"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:5.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61C1B066-9DED-46D7-9DF7-AB55DF01B80F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:5.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE1DFA18-E6D7-4F1D-8D9B-70323B2983AC"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:5.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95175A2E-14DB-4730-93EA-2291ED7E0DFC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References