CVE-2015-0681

The TFTP server in Cisco IOS 12.2(44)SQ1, 12.2(33)XN1, 12.4(25e)JAM1, 12.4(25e)JAO5m, 12.4(23)JY, 15.0(2)ED1, 15.0(2)EY3, 15.1(3)SVF4a, and 15.2(2)JB1 and IOS XE 2.5.x, 2.6.x, 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, and 3.5.xS before 3.6.0S; 3.1.xSG, 3.2.xSG, and 3.3.xSG before 3.4.0SG; 3.2.xSE before 3.3.0SE; 3.2.xXO before 3.3.0XO; 3.2.xSQ; 3.3.xSQ; and 3.4.xSQ allows remote attackers to cause a denial of service (device hang or reload) via multiple requests that trigger improper memory management, aka Bug ID CSCts66733.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
VendorProductVersion
ciscoios
12.2\(33\)xn1
ciscoios
12.2\(44\)sq1
ciscoios
12.4\(23\)jy
ciscoios
12.4\(25e\)jam1
ciscoios
12.4\(25e\)jao5m
ciscoios
15.0\(2\)ed1
ciscoios
15.0\(2\)ey3
ciscoios
15.1\(3\)svf4a
ciscoios
15.2\(2\)jb1
ciscoios_xe
2.5.0
ciscoios_xe
2.5.1
ciscoios_xe
2.5.2
ciscoios_xe
2.6.0
ciscoios_xe
2.6.1
ciscoios_xe
2.6.2
ciscoios_xe
3.1s.0:s.0
ciscoios_xe
3.1s.1:s.1
ciscoios_xe
3.1s.2:s.2
ciscoios_xe
3.1s.3:s.3
ciscoios_xe
3.1s.4:s.4
ciscoios_xe
3.1s.5:s.5
ciscoios_xe
3.1s.6:s.6
ciscoios_xe
3.1sg.0:sg.0
ciscoios_xe
3.1sg.1:sg.1
ciscoios_xe
3.2s.0:s.0
ciscoios_xe
3.2s.1:s.1
ciscoios_xe
3.2s.2:s.2
ciscoios_xe
3.2s.3:s.3
ciscoios_xe
3.2se.0:se.0
ciscoios_xe
3.2se.1:se.1
ciscoios_xe
3.2se.2:se.2
ciscoios_xe
3.2se.3:se.3
ciscoios_xe
3.2sg.0:sg.0
ciscoios_xe
3.2sg.1:sg.1
ciscoios_xe
3.2sg.2:sg.2
ciscoios_xe
3.2sg.3:sg.3
ciscoios_xe
3.2sg.4:sg.4
ciscoios_xe
3.2sg.5:sg.5
ciscoios_xe
3.2sg.6:sg.6
ciscoios_xe
3.2sg.7:sg.7
ciscoios_xe
3.2sg.8:sg.8
ciscoios_xe
3.2sg.9:sg.9
ciscoios_xe
3.2xo.0:xo.0
ciscoios_xe
3.2xo.1:xo.1
ciscoios_xe
3.3sg.0:sg.0
ciscoios_xe
3.3sg.1:sg.1
ciscoios_xe
3.3sg.2:sg.2
ciscoios_xe
3.3sq.0:sq.0
ciscoios_xe
3.3sq.1:sq.1
ciscoios_xe
3.4s.0:s.0
ciscoios_xe
3.4s.1:s.1
ciscoios_xe
3.4s.2:s.2
ciscoios_xe
3.4s.3:s.3
ciscoios_xe
3.4s.4:s.4
ciscoios_xe
3.4s.5:s.5
ciscoios_xe
3.4s.6:s.6
ciscoios_xe
3.4sq.0:sq.0
ciscoios_xe
3.4sq.1:sq.1
ciscoios_xe
3.5s.0:s.0
ciscoios_xe
3.5s.1:s.1
ciscoios_xe
3.5s.2:s.2
ciscoios_xe
3.5s_base:s_base
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-tftp
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-tftp/cvrf/cisco-sa-20150722-tftp_cvrf.xml
http://www.securitytracker.com/id/1033023
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-tftp
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-tftp/cvrf/cisco-sa-20150722-tftp_cvrf.xml
http://www.securitytracker.com/id/1033023