PT-2015-4776 · Cisco · Cisco Ios Xe
Publicado
2015-03-25
·
Atualizado
2015-09-04
·
CVE-2015-0640
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco IOS XE versions 2.x through 3.15 before 3.15.0S
Cisco IOS XE versions 3.10 before 3.10.4S
Cisco IOS XE versions 3.11 before 3.11.3S
Cisco IOS XE versions 3.12 before 3.12.1S
Cisco IOS XE versions 3.13 before 3.13.0S
Cisco IOS XE versions 3.14 before 3.14.0S
Description
The issue allows remote attackers to cause a denial of service via large IP packets that require NAT and HSL processing after fragmentation. Successful exploitation could trigger a reload of the forwarding plane, causing an interruption of services, and repeated exploitation could result in a sustained denial of service condition. Additionally, exploitation of the crafted TCP packet vulnerability could allow an unauthenticated remote attacker to execute malicious code on the affected device.
Recommendations
For Cisco IOS XE versions 2.x through 3.15 before 3.15.0S, update to version 3.15.0S or later.
For Cisco IOS XE versions 3.10 before 3.10.4S, update to version 3.10.4S or later.
For Cisco IOS XE versions 3.11 before 3.11.3S, update to version 3.11.3S or later.
For Cisco IOS XE versions 3.12 before 3.12.1S, update to version 3.12.1S or later.
For Cisco IOS XE versions 3.13 before 3.13.0S, update to version 3.13.0S or later.
For Cisco IOS XE versions 3.14 before 3.14.0S, update to version 3.14.0S or later.
Correção
RCE
DoS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Ios Xe