CVE-2015-0635

{"id": "CVE-2015-0635", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 8.5, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-03-26T10:59:00.067", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1031982", "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191."}, {"lang": "es", "value": "La implementaci\u00f3n Autonomic Networking Infrastructure (ANI) en Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, y 15.4 y IOS XE 3.10.xS hasta 3.13.xS anterior a 3.13.1S permite a atacantes remotos falsificar respuestas de la Autonomic Networking Registration Authority (ANRA), y como consecuencia evadir las restricciones de acceso a dispositivos y nodos o causar una denegaci\u00f3n de servicio (acceso a dominio interrumpido), a trav\u00e9s de mensajes AN falsificados, tambi\u00e9n conocido como Bug ID CSCup62191."}], "lastModified": "2015-10-01T17:13:36.103", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C1C77A7-FCD5-4558-A351-081D6678DB21"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24C948D8-C540-4FF1-A9F7-BFB20E5541FE"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7AF1294B-B4F6-40CC-A115-942B18CDA361"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B72E6572-FF41-4606-9DA5-FA486D591A58"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B74B72D9-AB41-4D98-BEF5-3CA37F68F645"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FC3A52D-50B6-44F0-A20B-09EE462EB0BD"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0A98DFE-18FF-455A-AFA6-49960CB98C85"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "277C9543-A842-45AB-A2EF-DB2F8412D748"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C942D30-8344-425E-804E-E1BB1F1F0D22"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7382973-7673-4D6E-8716-AFDE2EB04C94"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5E6FF1A-D90D-412A-8159-E766DC14FA57"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84E6DEE6-50EF-4333-B0B9-964A633734D1"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D83A5AC0-C583-4B2E-8F08-989B3EF3F4EF"}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.13s.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28303ADA-1B8E-42F6-9CD1-A457D863727B"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)ird1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACA00878-FA42-4234-B3CD-F2F07F7CE9EA"}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)ire3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B785F54A-DD27-4422-8F25-0A6EB3E36EEA"}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi4b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95470E1A-2FEC-41DA-8259-EE4F890A32B5"}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(44\\)sq1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "742DA70E-6FF9-451D-9E62-F81EFB0BEB6C"}, {"criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jam1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30FFBD57-E751-42C8-AE89-CD2073F45688"}, {"criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jap1m:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4D3B067-46F9-460B-A3EB-7FCA3DDA7E3E"}, {"criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jaz1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81CA75FF-8C2E-4D9C-BE57-34EF801C28D5"}, {"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ed1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5D3C419-D1FF-45E8-A5B1-AFFC59567478"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)ex:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E92C269-3C17-4C9D-970F-E9C8EE709ADA"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E15A69BF-50B6-42BE-9F44-7A7EBA28CC6D"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(2\\)s2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B7E5969-E55B-4EBF-ADDE-8A969174E03D"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1n:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49DAE7DA-E0D3-4434-AD75-C8894D939A83"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jab1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CBEF7B94-3510-48FA-B783-1BF1C23C2C0C"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32E6CCE7-88BB-4F4F-9253-EC67B5076767"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BC3CD43-F30A-484B-9285-D925C1262212"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB84CE04-F2D0-4A37-B2BA-25126D1824D8"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E32C83FA-EBE9-4A84-B34A-25BBA4D47E3F"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63ACFACC-23B7-4EAC-BDC0-E3C403642D88"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F3A95D5-157D-4335-87B4-8DA080A496FF"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E613BC4-AC20-4E43-8FB3-2EE9F0A2610D"}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D54B325-22D5-4F21-BE28-BE28F6135FBF"}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "237D305E-016D-4E84-827C-44D04E3E0999"}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E993A32E-D2AF-4519-B4C9-7F576649D20F"}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7260A66D-D477-440E-9A87-C05F9BD9E67C"}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31059ED1-4D82-43D7-8EF7-042125289CF1"}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4151B2B1-B17F-4F1D-A211-34C7DB84E442"}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37B550C9-B2E4-44EE-8E0B-54D150C69A0F"}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEBBA614-74E7-43C7-8D33-ADF4BD79D477"}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)s:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C63FF7C4-D9CE-4D6C-B36E-0C0DC06F453E"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}