Vulnerability Name:

CVE-2015-0688 (CCN-102126)

Assigned:2015-04-03
Published:2015-04-03
Updated:2015-09-29
Summary:Cisco IOS XE 3.10.2S on an ASR 1000 device with an Embedded Services Processor (ESP) module, when NAT is enabled, allows remote attackers to cause a denial of service (module crash) via malformed H.323 packets, aka Bug ID CSCup21070.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:7.1 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
5.4 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C)
4.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-399
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2015-0688

Source: CCN
Type: SECTRACK ID: 1032023
Cisco ASR 1000 Series Router H.323 Processing Flaw Lets Remote Users Deny Service

Source: CCN
Type: Cisco Vulnerability Alert 38210
Cisco ASR1000 Series Routers ESP Module Denial of Service Vulnerability

Source: CISCO
Type: Vendor Advisory
20150403 Cisco ASR1000 Series Routers ESP Module Denial of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1032023

Source: XF
Type: UNKNOWN
cisco-asr1000-cve20150688-dos(102126)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:cisco:ios_xe:13.10.2s:*:*:*:*:*:*:*
  • AND
  • cpe:/h:cisco:asr_1001:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:asr_1001-x:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:asr_1002:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:asr_1002-x:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:asr_1004:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:asr_1006:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:asr_1013:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:cisco:asr_1000_series_software:15.5(3)s:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco ios xe 13.10.2s
    cisco asr 1001 *
    cisco asr 1001-x *
    cisco asr 1002 *
    cisco asr 1002-x *
    cisco asr 1004 *
    cisco asr 1006 *
    cisco asr 1013 *
    cisco asr 1000 series software 15.5(3)s