CVE-2015-0710

The Overlay Transport Virtualization (OTV) implementation in Cisco IOS XE 3.10S allows remote attackers to cause a denial of service (device reload) via a series of packets that are considered oversized and trigger improper fragmentation handling, aka Bug IDs CSCup37676 and CSCup30335.

CVSS v2.0 6.1 MEDIUM

6.1^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:A/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 6.5 / Impact : 6.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://tools.cisco.com/security/center/viewAlert.x?alertId=38549	Vendor Advisory
http://www.securitytracker.com/id/1032212

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:ios_xe:3.10.0s:::::::*
	cpe:2.3:o:cisco:ios_xe:3.10s.01:::::::*

History

No history.

Information

Published : 2015-04-29 01:59

Updated : 2024-02-28 12:20

NVD link : CVE-2015-0710

Mitre link : CVE-2015-0710

CVE.ORG link : CVE-2015-0710

JSON object : View

Products Affected

cisco

ios_xe

CWE

CWE-399

Resource Management Errors

6.1 /10