CVE-2015-0636

The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (disrupted domain access) via spoofed AN messages that reset a finite state machine, aka Bug ID CSCup62293.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
VendorProductVersion
ciscoios_xe
3.10s.4:s.4
ciscoios_xe
3.12s.0:s.0
ciscoios_xe
3.12s.1:s.1
ciscoios_xe
3.12s.2:s.2
ciscoios_xe
3.12s.3:s.3
ciscoios_xe
3.13s.0:s.0
ciscoios
12.2\(33\)ird1
ciscoios
12.2\(33\)ire3
ciscoios
12.2\(33\)sxi4b
ciscoios
12.2\(44\)sq1
ciscoios
12.4\(25e\)jam1
ciscoios
12.4\(25e\)jap1m
ciscoios
12.4\(25e\)jaz1
ciscoios
15.0\(2\)ed1
ciscoios
15.2\(1\)ex
ciscoios
15.2\(2\)jb1
ciscoios
15.3\(2\)s2
ciscoios
15.3\(3\)ja1n
ciscoios
15.3\(3\)jab1
ciscoios
15.3\(3\)jn
ciscoios
15.3\(3\)jnb
ciscoios
15.4\(1\)s
ciscoios
15.4\(1\)s1
ciscoios
15.4\(1\)s2
ciscoios
15.4\(1\)s3
ciscoios
15.4\(2\)s
ciscoios
15.4\(2\)s1
ciscoios
15.4\(2\)s2
ciscoios
15.4\(3\)s
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani
http://www.securitytracker.com/id/1031982
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani
http://www.securitytracker.com/id/1031982