Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0635

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2015-0635
Last Modified 01 Oct 2015 01:13:36
Published 26 Mar 2015 06:59:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-0635

Summary

The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191.

Vulnerable Systems

Operating System

  • Cisco Ios 12.2%2833%29ird1

  • Cisco Ios 12.2%2833%29ire3

  • Cisco Ios 12.2%2833%29sxi4b

  • Cisco Ios 12.2%2844%29sq1

  • Cisco Ios 12.4%2825e%29jam1

  • Cisco Ios 12.4%2825e%29jap1m

  • Cisco Ios 12.4%2825e%29jaz1

  • Cisco Ios 15.0%282%29ed1

  • Cisco Ios 15.2%281%29ex

  • Cisco Ios 15.2%282%29jb1

  • Cisco Ios 15.3%282%29s2

  • Cisco Ios 15.3%283%29ja1n

  • Cisco Ios 15.3%283%29jab1

  • Cisco Ios 15.3%283%29jn

  • Cisco Ios 15.3%283%29jnb

  • Cisco Ios 15.3%283%29s

  • Cisco Ios 15.3%283%29s1

  • Cisco Ios 15.3%283%29s2

  • Cisco Ios 15.3%283%29s3

  • Cisco Ios 15.3%283%29s4

  • Cisco Ios 15.3%283%29s5

  • Cisco Ios 15.4%281%29s

  • Cisco Ios 15.4%281%29s1

  • Cisco Ios 15.4%281%29s2

  • Cisco Ios 15.4%281%29s3

  • Cisco Ios 15.4%282%29s

  • Cisco Ios 15.4%282%29s1

  • Cisco Ios 15.4%282%29s2

  • Cisco Ios 15.4%283%29s

  • Cisco Ios Xe 3.10s.0

  • Cisco Ios Xe 3.10s.1

  • Cisco Ios Xe 3.10s.2

  • Cisco Ios Xe 3.10s.3

  • Cisco Ios Xe 3.10s.4

  • Cisco Ios Xe 3.10s.5

  • Cisco Ios Xe 3.11s.0

  • Cisco Ios Xe 3.11s.1

  • Cisco Ios Xe 3.11s.2

  • Cisco Ios Xe 3.11s.3

  • Cisco Ios Xe 3.12s.0

  • Cisco Ios Xe 3.12s.1

  • Cisco Ios Xe 3.12s.2

  • Cisco Ios Xe 3.13s.0


References

CISCO - 20150325 Multiple Vulnerabilities in Cisco IOS Software and IOS XE Software Autonomic Networking Infrastructure

SECTRACK - 1031982


Last Updated: 27 May 2016 11:08:13