CVE-2015-0642

Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (device reload) by sending malformed IKEv2 packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCum36951.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
ciscoios_xe
2.5.0
ciscoios_xe
2.5.1
ciscoios_xe
3.1s.0:s.0
ciscoios_xe
3.1s.1:s.1
ciscoios_xe
3.1s.2:s.2
ciscoios_xe
3.1s.3:s.3
ciscoios_xe
3.1s.4:s.4
ciscoios_xe
3.2s.0:s.0
ciscoios_xe
3.2s.1:s.1
ciscoios_xe
3.2s.2:s.2
ciscoios_xe
3.3s.0:s.0
ciscoios_xe
3.3s.1:s.1
ciscoios_xe
3.3s.2:s.2
ciscoios_xe
3.3sg.0:sg.0
ciscoios_xe
3.3sg.1:sg.1
ciscoios_xe
3.3sg.2:sg.2
ciscoios_xe
3.3xo.0:xo.0
ciscoios_xe
3.3xo.1:xo.1
ciscoios_xe
3.3xo.2:xo.2
ciscoios_xe
3.4s.0:s.0
ciscoios_xe
3.4s.1:s.1
ciscoios_xe
3.4s.2:s.2
ciscoios_xe
3.4s.3:s.3
ciscoios_xe
3.4s.4:s.4
ciscoios_xe
3.4s.5:s.5
ciscoios_xe
3.4s.6:s.6
ciscoios_xe
3.4sg.0:sg.0
ciscoios_xe
3.4sg.1:sg.1
ciscoios_xe
3.4sg.2:sg.2
ciscoios_xe
3.4sg.3:sg.3
ciscoios_xe
3.4sg.4:sg.4
ciscoios_xe
3.4sg.5:sg.5
ciscoios_xe
3.5e.0:e.0
ciscoios_xe
3.5e.1:e.1
ciscoios_xe
3.5e.2:e.2
ciscoios_xe
3.5e.3:e.3
ciscoios_xe
3.5s.0:s.0
ciscoios_xe
3.5s.1:s.1
ciscoios_xe
3.5s_base:s_base
ciscoios_xe
3.6e.0:e.0
ciscoios_xe
3.6e.1:e.1
ciscoios_xe
3.6s.0:s.0
ciscoios_xe
3.6s.1:s.1
ciscoios_xe
3.6s.2:s.2
ciscoios_xe
3.6s_base:s_base
ciscoios_xe
3.7e.0:e.0
ciscoios_xe
3.7s.0:s.0
ciscoios_xe
3.7s.1:s.1
ciscoios_xe
3.7s.2:s.2
ciscoios_xe
3.7s.3:s.3
ciscoios_xe
3.7s.4:s.4
ciscoios_xe
3.7s.5:s.5
ciscoios_xe
3.7s.6:s.6
ciscoios_xe
3.7s_base:s_base
ciscoios_xe
3.8s.0:s.0
ciscoios_xe
3.8s.1:s.1
ciscoios_xe
3.8s.2:s.2
ciscoios_xe
3.8s_base:s_base
ciscoios_xe
3.9s.0:s.0
ciscoios_xe
3.9s.1:s.1
ciscoios_xe
3.9s.2:s.2
ciscoios_xe
3.10s.0:s.0
ciscoios_xe
3.10s.0a:s.0a
ciscoios_xe
3.10s.1:s.1
ciscoios_xe
3.10s.2:s.2
ciscoios_xe
3.10s.3:s.3
ciscoios_xe
3.10s.4:s.4
ciscoios_xe
3.10s.5:s.5
ciscoios_xe
3.11s.0:s.0
ciscoios_xe
3.11s.1:s.1
ciscoios_xe
3.11s.2:s.2
ciscoios_xe
3.11s.3:s.3
ciscoios_xe
3.12s.0:s.0
ciscoios_xe
3.12s.1:s.1
ciscoios_xe
3.12s.2:s.2
ciscoios_xe
3.13s.0:s.0
ciscoios_xe
3.13s.1:s.1
ciscoios
12.2
ciscoios
12.4
ciscoios
15.0
ciscoios
15.1
ciscoios
15.2
ciscoios
15.3
ciscoios
15.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ikev2
http://tools.cisco.com/security/center/viewAlert.x?alertId=37816
http://www.securityfocus.com/bid/73333
http://www.securitytracker.com/id/1031978
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ikev2
http://tools.cisco.com/security/center/viewAlert.x?alertId=37816
http://www.securityfocus.com/bid/73333
http://www.securitytracker.com/id/1031978