CVE-2015-0650

The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 3.9.xS and 3.10.xS before 3.10.4S, 3.11.xS before 3.11.3S, 3.12.xS before 3.12.2S, and 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) by sending malformed mDNS UDP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCup70579.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-mdns	Vendor Advisory
http://www.securitytracker.com/id/1031979

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:ios_xe:3.9s.0:::::::*
	cpe:2.3:o:cisco:ios_xe:3.9s.1:::::::*
	cpe:2.3:o:cisco:ios_xe:3.9s.2:::::::*
	cpe:2.3:o:cisco:ios_xe:3.10s.0:::::::*
	cpe:2.3:o:cisco:ios_xe:3.10s.0a:::::::*
	cpe:2.3:o:cisco:ios_xe:3.10s.1:::::::*
	cpe:2.3:o:cisco:ios_xe:3.10s.2:::::::*
	cpe:2.3:o:cisco:ios_xe:3.10s.3:::::::*
	cpe:2.3:o:cisco:ios_xe:3.11s.0:::::::*
	cpe:2.3:o:cisco:ios_xe:3.11s.1:::::::*
	cpe:2.3:o:cisco:ios_xe:3.11s.2:::::::*
	cpe:2.3:o:cisco:ios_xe:3.12s.0:::::::*
	cpe:2.3:o:cisco:ios_xe:3.12s.1:::::::*
	cpe:2.3:o:cisco:ios_xe:3.13s.0:::::::*
	cpe:2.3:o:cisco:ios_xe:3.13s.1:::::::*
	cpe:2.3:o:cisco:ios_xe:3.13s.2:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:cisco:ios:12.2:::::::*
	cpe:2.3:o:cisco:ios:12.4:::::::*
	cpe:2.3:o:cisco:ios:15.0:::::::*
	cpe:2.3:o:cisco:ios:15.1:::::::*
	cpe:2.3:o:cisco:ios:15.2:::::::*
	cpe:2.3:o:cisco:ios:15.3:::::::*
	cpe:2.3:o:cisco:ios:15.4:::::::*

History

No history.

Information

Published : 2015-03-26 10:59

Updated : 2015-09-04 18:57

NVD link : CVE-2015-0650

Mitre link : CVE-2015-0650

CVE.ORG link : CVE-2015-0650

JSON object : View

Products Affected

cisco

ios
ios_xe

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2015-0650", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-03-26T10:59:14.990", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-mdns", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1031979", "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 3.9.xS and 3.10.xS before 3.10.4S, 3.11.xS before 3.11.3S, 3.12.xS before 3.12.2S, and 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) by sending malformed mDNS UDP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCup70579."}, {"lang": "es", "value": "Service Discovery Gateway (tambi\u00e9n conocido como mDNS Gateway) en Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, y 15.4 y IOS XE 3.9.xS y 3.10.xS anterior a 3.10.4S, 3.11.xS anterior a 3.11.3S, 3.12.xS anterior a 3.12.2S, y 3.13.xS anterior a 3.13.1S permite a atacantes remotos causar una denegaci\u00f3n de servicio (recarga de dispositivo) mediante el env\u00edo de paquetes mDNS UDP malformados por (1) IPv4 o (2) IPv6, tambi\u00e9n conocido como Bug ID CSCup70579."}], "lastModified": "2015-09-04T18:57:35.183", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:3.9s.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEA1B7A4-6B48-4D0C-BA58-EE0E34DDB07E"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.9s.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF17206A-27BA-4914-8BB5-4F031D88EA4A"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.9s.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEC4E92B-1752-438D-BF43-4D93938C6776"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C1C77A7-FCD5-4558-A351-081D6678DB21"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.0a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9B42071-2BAA-4459-B575-EBD72A111381"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24C948D8-C540-4FF1-A9F7-BFB20E5541FE"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7AF1294B-B4F6-40CC-A115-942B18CDA361"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B72E6572-FF41-4606-9DA5-FA486D591A58"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0A98DFE-18FF-455A-AFA6-49960CB98C85"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "277C9543-A842-45AB-A2EF-DB2F8412D748"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C942D30-8344-425E-804E-E1BB1F1F0D22"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5E6FF1A-D90D-412A-8159-E766DC14FA57"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84E6DEE6-50EF-4333-B0B9-964A633734D1"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.13s.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28303ADA-1B8E-42F6-9CD1-A457D863727B"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.13s.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B331605-E70D-4A93-AB19-6E31A31C5256"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.13s.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7252C89C-0327-47A2-826D-5853F387CB5B"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178"}, {"criteria": "cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D4D8C72-E7BB-40BF-9AE5-622794D63E09"}, {"criteria": "cpe:2.3:o:cisco:ios:15.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF87CC9A-1AF5-4DB4-ACE5-DB938D3B2F84"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB41294E-F3DF-4F1E-A4C8-E90B21A88836"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2AB6A02-B7C7-48D1-8857-BD1CDF9A40D8"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B870F917-9F35-41AE-8CCA-D8574189C7EC"}, {"criteria": "cpe:2.3:o:cisco:ios:15.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D549F66-13E6-4AB0-972D-6F7FE6DB82DB"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}

7.8 /10