The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 02:23
Type | Values Removed | Values Added |
---|---|---|
References | () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani - Vendor Advisory | |
References | () http://www.securitytracker.com/id/1031982 - |
Information
Published : 2015-03-26 10:59
Updated : 2024-11-21 02:23
NVD link : CVE-2015-0635
Mitre link : CVE-2015-0635
CVE.ORG link : CVE-2015-0635
JSON object : View
Products Affected
cisco
- ios_xe
- ios
CWE
CWE-20
Improper Input Validation