VIR Vulnerability Intelligence Relay

CVE-2015-0648

high
Published 2015-03-26 · Modified 2026-05-06
CVSS v3
CVSS v2
7.8
VIR risk
7.8

Description

Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip

References

CWEs

CWE-399

Verify integrity in audit chain (admin only). AS-IS.