CVE-2015-0742

Published May 21, 2015

Last updated 3 months ago

CVSS info 5.0

Overview

Description: The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:9.2\\(3.4\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A9ABCC1-3161-4C38-A8B1-3F26C3FDF399"
          },
          {
            "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:9.4\\(0.115\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90D35A40-AFCC-4C19-B98C-0B10EAC2C217"
          },
          {
            "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:100.13\\(0.21\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB43C79E-C103-49D9-B476-E20DC35585DC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:100.13\\(20.3\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F51433B-2671-4F69-B81F-A5D0495D7E6C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:100.13\\(21.9\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93C158B3-C4FC-41A3-A60E-8E5045C10A67"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.0\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3A13A9C-5387-4670-8E20-FE878946D091"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.104\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F7C7DA3-C24B-41BB-BDBE-7DC58EEAC4F8"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(3.1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFC39DA3-8171-4344-A946-7965873C56F3"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.105\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E26A1B0-D61C-4A25-8E10-02A2E3E7A02B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.100\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F4A28B7-87A2-464A-92A8-644E3F7D13D7"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:100.14\\(1.1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31C5DEB8-688A-435E-8D80-14468F8FFCBD"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References