CVE-2015-6432

Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, and 5.3.2 does not properly restrict the number of Path Computation Elements (PCEs) for OSPF LSA opaque area updates, which allows remote attackers to cause a denial of service (device reload) via a crafted update, aka Bug ID CSCuw83486.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160104-iosxr	Vendor Advisory
http://www.securitytracker.com/id/1034570

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:ios_xr:4.2.0:::::::*
	cpe:2.3:o:cisco:ios_xr:4.3.0:::::::*
	cpe:2.3:o:cisco:ios_xr:5.0.0:::::::*
	cpe:2.3:o:cisco:ios_xr:5.1.0:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.0:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.2:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.4:::::::*
	cpe:2.3:o:cisco:ios_xr:5.3.0:::::::*
	cpe:2.3:o:cisco:ios_xr:5.3.2:::::::*

History

No history.

Information

Published : 2016-01-05 02:59

Updated : 2024-02-28 15:21

NVD link : CVE-2015-6432

Mitre link : CVE-2015-6432

CVE.ORG link : CVE-2015-6432

JSON object : View

Products Affected

cisco

ios_xr

CWE

CWE-399

Resource Management Errors

{"id": "CVE-2015-6432", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2016-01-05T02:59:05.427", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160104-iosxr", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1034570", "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-399"}]}], "descriptions": [{"lang": "en", "value": "Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, and 5.3.2 does not properly restrict the number of Path Computation Elements (PCEs) for OSPF LSA opaque area updates, which allows remote attackers to cause a denial of service (device reload) via a crafted update, aka Bug ID CSCuw83486."}, {"lang": "es", "value": "Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0 y 5.3.2 no restringe correctamente el n\u00famero de Path Computation Elements (PCEs) para actualizaciones de OSPF LSA opaque area, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) a trav\u00e9s de una actualizaci\u00f3n manipulada, tambi\u00e9n conocido como Bug ID CSCuw83486."}], "lastModified": "2016-12-07T18:20:24.417", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB6ABB63-E2D2-42F7-B648-BF6002D1C05E"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "074571B4-65EF-451A-89DC-0797F6E4BFEA"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7620A88-C4B3-4184-846F-1E3FD8A751EB"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9839DC3C-8B8A-49D5-9E50-BB7C4BCE5878"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE1DFA18-E6D7-4F1D-8D9B-70323B2983AC"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB5452CA-E4DF-49FD-A677-3F6257F14707"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7DABC2A4-B161-4597-B053-0ECEFCCDD89F"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5F1F85C-B63F-4D6F-9918-4A5E4945B96B"}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4695DF36-5DC7-430B-8266-BF07FD2E7EFC"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}