CVE-2015-0640

The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
VendorProductVersion
ciscoios_xe
3.1s.0:s.0
ciscoios_xe
3.1s.1:s.1
ciscoios_xe
3.1s.2:s.2
ciscoios_xe
3.1s.3:s.3
ciscoios_xe
3.1s.4:s.4
ciscoios_xe
3.1s.5:s.5
ciscoios_xe
3.1s.6:s.6
ciscoios_xe
3.2s.0:s.0
ciscoios_xe
3.2s.1:s.1
ciscoios_xe
3.2s.2:s.2
ciscoios_xe
3.2s.3:s.3
ciscoios_xe
3.3s.0:s.0
ciscoios_xe
3.3s.1:s.1
ciscoios_xe
3.3s.2:s.2
ciscoios_xe
3.5s:s
ciscoios_xe
3.5s.0:s.0
ciscoios_xe
3.5s.1:s.1
ciscoios_xe
3.5s.2:s.2
ciscoios_xe
3.6s:s
ciscoios_xe
3.6s.0:s.0
ciscoios_xe
3.6s.1:s.1
ciscoios_xe
3.6s.2:s.2
ciscoios_xe
3.7s:s
ciscoios_xe
3.7s.0:s.0
ciscoios_xe
3.7s.1:s.1
ciscoios_xe
3.7s.2:s.2
ciscoios_xe
3.7s.3:s.3
ciscoios_xe
3.7s.4:s.4
ciscoios_xe
3.7s.5:s.5
ciscoios_xe
3.7s.6:s.6
ciscoios_xe
3.7s.7:s.7
ciscoios_xe
3.8s:s
ciscoios_xe
3.8s.0:s.0
ciscoios_xe
3.8s.1:s.1
ciscoios_xe
3.8s.2:s.2
ciscoios_xe
3.9s.0:s.0
ciscoios_xe
3.9s.1:s.1
ciscoios_xe
3.9s.2:s.2
ciscoios_xe
3.10s.0:s.0
ciscoios_xe
3.10s.0a:s.0a
ciscoios_xe
3.10s.1:s.1
ciscoios_xe
3.10s.2:s.2
ciscoios_xe
3.10s.3:s.3
ciscoios_xe
3.11s.0:s.0
ciscoios_xe
3.11s.1:s.1
ciscoios_xe
3.11s.2:s.2
ciscoios_xe
3.12s.0:s.0
ciscoios_xe
3.12s.1:s.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe
http://www.securitytracker.com/id/1031981
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe
http://www.securitytracker.com/id/1031981