CVE-2015-0695
high
CVSS v3
—
CVSS v2
7.8
VIR risk
7.8
Description
Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial of service (chip and card hangs and reloads) by triggering use of a BVI interface for IPv4 packets, aka Bug ID CSCur62957.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-iosxr
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-iosxr
- http://www.securityfocus.com/bid/74162
- http://www.securitytracker.com/id/1032139
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-iosxr
- http://www.securityfocus.com/bid/74162
- http://www.securitytracker.com/id/1032139
CWEs
CWE-19 CWE-399
Verify integrity in audit chain (admin only). AS-IS.