Multiple Vulnerabilities Recently Disclosed for Cisco Products

Multiple vulnerabilities have been discovered in several Cisco products, including Cisco IOS, Cisco IOS XE, Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers. These products provide firewall, intrusion prevention, remote access, and other services.

The exploitation of these vulnerabilities could allow for remote code execution on the device or may cause denial of service conditions.

Software Affected:

  • Cisco IOS 15.4(3)SN1 and earlier versions
  • Cisco IOS XE Software 3.13S.0 and earlier versions

These products are prone to multiple vulnerabilities that could allow for remote code execution or denial of service.

These vulnerabilities are as follows:

A vulnerability within the virtual routing and forwarding (VRF) subsystem of Cisco IOS software could allow an attacker to cause a denial of service (DoS) condition. (CVE-2015-0638)

Multiple vulnerabilities in how Cisco IOS processes crafted Common Industrial Protocol (CIP) IP version 4 (IPv4) packets could allow an attacker to cause a denial of service (DoS) condition. (CVE-2015-0647, CVE-2015-0648, CVE-2015-0649)

Multiple vulnerabilities in the Autonomic Networking Infrastructure (ANI) feature could allow an attacker to spoof an Autonomic Networking Registration Authority (ANRA) response and cause a denial of service (DoS) condition. (CVE-2015-0635, CVE-2015-0636, CVE-2015-0637)

Multiple vulnerabilities within the Internet Key Exchange (IKE) version 2 subsystem could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. (CVE-2015-0642, CVE-2015-0643)

A vulnerability in the multicast DNS (mDNS) gateway function of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to reload the vulnerable device. (CVE-2015-0650)

A vulnerability in the TCP input module of Cisco IOS and Cisco IOS XE Software could allow an attacker to cause a memory leak and eventual reload of the affected device. (CVE-2015-0646)

A vulnerability in the high-speed logging (HSL) functionality could allow an attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. (CVE-2015-0640)

A vulnerability in the AppNav component could allow an unauthenticated, remote attacker to cause an affected device to reload and may allow arbitrary code execution on the affected system. (CVE-2015-0644)

A vulnerability in IP version 6 (IPv6) parsing could allow an attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. (CVE-2015-0641)

A vulnerability in the Layer 4 Redirect (L4R) processing code could allow an attacker to cause a reload of the affected device. (CVE-2015-0645)

A vulnerability in the Common Flow Table (CFT) processing could allow an attacker to cause a reload of the affected device. (CVE-2015-0639)

RECOMMENDATIONS:

Apply the software updates provided by Cisco. Workarounds that mitigate these vulnerabilities are also available from Cisco at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html
