| Vulnerability Name: | CVE-2015-0650 (CCN-101807) | ||||||||
| Assigned: | 2015-03-25 | ||||||||
| Published: | 2015-03-25 | ||||||||
| Updated: | 2015-09-04 | ||||||||
| Summary: | The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 3.9.xS and 3.10.xS before 3.10.4S, 3.11.xS before 3.11.3S, 3.12.xS before 3.12.2S, and 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) by sending malformed mDNS UDP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCup70579. | ||||||||
| CVSS v3 Severity: | 7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
| ||||||||
| CVSS v2 Severity: | 7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C) 5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
5.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-20 | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: MITRE Type: CNA CVE-2015-0650 Source: CCN Type: Cisco Security Advisory ID: cisco-sa-20150325-mdns Cisco IOS Software and IOS XE Software mDNS Gateway Denial of Service Vulnerability Source: CISCO Type: Vendor Advisory 20150325 Cisco IOS Software and IOS XE Software mDNS Gateway Denial of Service Vulnerability Source: SECTRACK Type: UNKNOWN 1031979 Source: XF Type: UNKNOWN ciscoios-cve20150650-dos(101807) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||