CVE-2015-0640 - Vulnerability Details

Vendors	Products
Cisco	Ios Xe

Link	Providers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe
http://www.securitytracker.com/id/1031981

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-03-25T00:00:00", "descriptions": [{"lang": "en", "value": "The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-03-27T12:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1031981", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1031981"}, {"name": "20150325 Multiple Vulnerabilities in Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2015-0640", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1031981", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031981"}, {"name": "20150325 Multiple Vulnerabilities in Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T04:17:32.500Z"}, "title": "CVE Program Container", "references": [{"name": "1031981", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1031981"}, {"name": "20150325 Multiple Vulnerabilities in Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2015-0640", "datePublished": "2015-03-26T10:00:00", "dateReserved": "2015-01-07T00:00:00", "dateUpdated": "2024-08-06T04:17:32.500Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2015-03-25T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2015-03-27T12:57:01 (string)

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

}

references : [ »

0 : { »

name : 1031981 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id/1031981 (string)

}

1 : { »

name : 20150325 Multiple Vulnerabilities in Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@cisco.com (string)

ID : CVE-2015-0640 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 1031981 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id/1031981 (string)

}

1 : { »

name : 20150325 Multiple Vulnerabilities in Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers (string)

refsource : CISCO (string)

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T04:17:32.500Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 1031981 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id/1031981 (string)

}

1 : { »

name : 20150325 Multiple Vulnerabilities in Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

2 : x_transferred (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

assignerShortName : cisco (string)

cveId : CVE-2015-0640 (string)

datePublished : 2015-03-26T10:00:00 (string)

dateReserved : 2015-01-07T00:00:00 (string)

dateUpdated : 2024-08-06T04:17:32.500Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:3.1s.0:*:*:*:*:*:*:*", "matchCriteriaId": "F6C871C9-3188-45A8-813D-20377636CB93", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.1s.1:*:*:*:*:*:*:*", "matchCriteriaId": "48981190-4C87-48B8-918F-A8A9951254BA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.1s.2:*:*:*:*:*:*:*", "matchCriteriaId": "58ECBD42-D3C1-42E2-938B-D85BE56A198E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.1s.3:*:*:*:*:*:*:*", "matchCriteriaId": "8D6A8329-2A58-446A-B3C1-21AA2BBD24AE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.1s.4:*:*:*:*:*:*:*", "matchCriteriaId": "F4D44065-91B3-4BED-B0ED-572F97B2D0BC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.1s.5:*:*:*:*:*:*:*", "matchCriteriaId": "1A4FDC07-F76A-4158-95A4-040FE29B14F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.1s.6:*:*:*:*:*:*:*", "matchCriteriaId": "6D8110BB-6112-4CD5-A7ED-8D0E4225B7FF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.2s.0:*:*:*:*:*:*:*", "matchCriteriaId": "AA132110-6338-4958-A23F-E09058011181", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.2s.1:*:*:*:*:*:*:*", "matchCriteriaId": "52D93563-1E49-4ED7-885D-35836F2545FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.2s.2:*:*:*:*:*:*:*", "matchCriteriaId": "2F2BF213-8DBB-4EB7-9D40-4F1DEB7034E5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.2s.3:*:*:*:*:*:*:*", "matchCriteriaId": "913D878F-4F8C-4E8E-86D0-12D3BFC92425", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.3s.0:*:*:*:*:*:*:*", "matchCriteriaId": "982A0A36-F00E-4A8A-8237-07D90B9BA1F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.3s.1:*:*:*:*:*:*:*", "matchCriteriaId": "7A4D6F82-A97D-423D-A3FD-6C89B3F4E53F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.3s.2:*:*:*:*:*:*:*", "matchCriteriaId": "C0656295-7CD0-4C81-9549-77B9937C01B4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.5s:*:*:*:*:*:*:*", "matchCriteriaId": "739E564D-A90E-4650-A243-62C025294DFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.5s.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC6976C9-7FC4-41B2-B9D8-D6A23C0E7D04", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.5s.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F0311A2-7D85-424F-84EC-42A037D1A145", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.5s.2:*:*:*:*:*:*:*", "matchCriteriaId": "045F7A51-41A4-424E-85DE-39BA4868DB73", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.6s:*:*:*:*:*:*:*", "matchCriteriaId": "A59ADC49-F656-4271-9EC8-963D381320E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.6s.0:*:*:*:*:*:*:*", "matchCriteriaId": "B2C6BCB1-4D6A-4F8E-B1E3-7ED927442583", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.6s.1:*:*:*:*:*:*:*", "matchCriteriaId": "4414784F-7C38-45DA-B955-344AFCA4C42A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.6s.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EAD6D05-067F-405E-A2C3-1045F96E1725", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.7s:*:*:*:*:*:*:*", "matchCriteriaId": "1156EB7F-677D-4267-9814-C14820B4E18A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.7s.0:*:*:*:*:*:*:*", "matchCriteriaId": "A42F6E60-5D6F-46AC-A725-CC1BFDD93AD6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.7s.1:*:*:*:*:*:*:*", "matchCriteriaId": "50657A0B-694B-417D-8A4C-33496D070DEF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.7s.2:*:*:*:*:*:*:*", "matchCriteriaId": "F5563BFC-B0F7-42D7-B266-E27623C148A0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.7s.3:*:*:*:*:*:*:*", "matchCriteriaId": "21AB02C6-6D2A-40E6-875F-C49F72FD58CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.7s.4:*:*:*:*:*:*:*", "matchCriteriaId": "A61ECD64-21F1-4685-9DAF-FA95875FEBD9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.7s.5:*:*:*:*:*:*:*", "matchCriteriaId": "A6279ABA-4C68-4349-A4B4-B29D7F7401C4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.7s.6:*:*:*:*:*:*:*", "matchCriteriaId": "E803D8C7-E567-4C6F-ADE3-C247B7C3E98C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.7s.7:*:*:*:*:*:*:*", "matchCriteriaId": "5A6A4782-7B98-4696-A762-FDE55CB9E729", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.8s:*:*:*:*:*:*:*", "matchCriteriaId": "54FEE2D8-2507-4485-A6D2-82393AB19C7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.8s.0:*:*:*:*:*:*:*", "matchCriteriaId": "E9A1B891-8AB7-493C-93FF-3D1FA5DFA19A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.8s.1:*:*:*:*:*:*:*", "matchCriteriaId": "20BF8AA3-610B-4168-922D-2847958EFFA5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.8s.2:*:*:*:*:*:*:*", "matchCriteriaId": "6E6BBADF-5DAF-41CE-B6CC-5D7E498E085B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.9s.0:*:*:*:*:*:*:*", "matchCriteriaId": "AEA1B7A4-6B48-4D0C-BA58-EE0E34DDB07E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.9s.1:*:*:*:*:*:*:*", "matchCriteriaId": "FF17206A-27BA-4914-8BB5-4F031D88EA4A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.9s.2:*:*:*:*:*:*:*", "matchCriteriaId": "AEC4E92B-1752-438D-BF43-4D93938C6776", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.0:*:*:*:*:*:*:*", "matchCriteriaId": "5C1C77A7-FCD5-4558-A351-081D6678DB21", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.0a:*:*:*:*:*:*:*", "matchCriteriaId": "A9B42071-2BAA-4459-B575-EBD72A111381", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.1:*:*:*:*:*:*:*", "matchCriteriaId": "24C948D8-C540-4FF1-A9F7-BFB20E5541FE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.2:*:*:*:*:*:*:*", "matchCriteriaId": "7AF1294B-B4F6-40CC-A115-942B18CDA361", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.3:*:*:*:*:*:*:*", "matchCriteriaId": "B72E6572-FF41-4606-9DA5-FA486D591A58", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0A98DFE-18FF-455A-AFA6-49960CB98C85", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.1:*:*:*:*:*:*:*", "matchCriteriaId": "277C9543-A842-45AB-A2EF-DB2F8412D748", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.2:*:*:*:*:*:*:*", "matchCriteriaId": "6C942D30-8344-425E-804E-E1BB1F1F0D22", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5E6FF1A-D90D-412A-8159-E766DC14FA57", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.1:*:*:*:*:*:*:*", "matchCriteriaId": "84E6DEE6-50EF-4333-B0B9-964A633734D1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741."}, {"lang": "es", "value": "La caracter\u00edstica high-speed logging (HSL) en Cisco IOS XE 2.x y 3.x anterior a 3.10.4S, 3.11 anterior a 3.11.3S, 3.12 anterior a 3.12.1S, 3.13 anterior a 3.13.0S, 3.14 anterior a 3.14.0S, y 3.15 anterior a 3.15.0S permite a atacantes remotos causar una denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de paquetes IP grandes que requieren el procesamiento NAT y HSL despu\u00e9s de la fragmentaci\u00f3n, tambi\u00e9n conocido como Bug ID CSCuo25741."}], "id": "CVE-2015-0640", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-03-26T10:59:06.270", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id/1031981"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1031981"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.1s.0:*:*:*:*:*:*:* (string)

matchCriteriaId : F6C871C9-3188-45A8-813D-20377636CB93 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.1s.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 48981190-4C87-48B8-918F-A8A9951254BA (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.1s.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 58ECBD42-D3C1-42E2-938B-D85BE56A198E (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.1s.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 8D6A8329-2A58-446A-B3C1-21AA2BBD24AE (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.1s.4:*:*:*:*:*:*:* (string)

matchCriteriaId : F4D44065-91B3-4BED-B0ED-572F97B2D0BC (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.1s.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 1A4FDC07-F76A-4158-95A4-040FE29B14F4 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.1s.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 6D8110BB-6112-4CD5-A7ED-8D0E4225B7FF (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.2s.0:*:*:*:*:*:*:* (string)

matchCriteriaId : AA132110-6338-4958-A23F-E09058011181 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.2s.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 52D93563-1E49-4ED7-885D-35836F2545FB (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.2s.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 2F2BF213-8DBB-4EB7-9D40-4F1DEB7034E5 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.2s.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 913D878F-4F8C-4E8E-86D0-12D3BFC92425 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.3s.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 982A0A36-F00E-4A8A-8237-07D90B9BA1F9 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.3s.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 7A4D6F82-A97D-423D-A3FD-6C89B3F4E53F (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.3s.2:*:*:*:*:*:*:* (string)

matchCriteriaId : C0656295-7CD0-4C81-9549-77B9937C01B4 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.5s:*:*:*:*:*:*:* (string)

matchCriteriaId : 739E564D-A90E-4650-A243-62C025294DFD (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.5s.0:*:*:*:*:*:*:* (string)

matchCriteriaId : FC6976C9-7FC4-41B2-B9D8-D6A23C0E7D04 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.5s.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 4F0311A2-7D85-424F-84EC-42A037D1A145 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.5s.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 045F7A51-41A4-424E-85DE-39BA4868DB73 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.6s:*:*:*:*:*:*:* (string)

matchCriteriaId : A59ADC49-F656-4271-9EC8-963D381320E9 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.6s.0:*:*:*:*:*:*:* (string)

matchCriteriaId : B2C6BCB1-4D6A-4F8E-B1E3-7ED927442583 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.6s.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 4414784F-7C38-45DA-B955-344AFCA4C42A (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.6s.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 1EAD6D05-067F-405E-A2C3-1045F96E1725 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.7s:*:*:*:*:*:*:* (string)

matchCriteriaId : 1156EB7F-677D-4267-9814-C14820B4E18A (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.7s.0:*:*:*:*:*:*:* (string)

matchCriteriaId : A42F6E60-5D6F-46AC-A725-CC1BFDD93AD6 (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.7s.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 50657A0B-694B-417D-8A4C-33496D070DEF (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.7s.2:*:*:*:*:*:*:* (string)

matchCriteriaId : F5563BFC-B0F7-42D7-B266-E27623C148A0 (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.7s.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 21AB02C6-6D2A-40E6-875F-C49F72FD58CC (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.7s.4:*:*:*:*:*:*:* (string)

matchCriteriaId : A61ECD64-21F1-4685-9DAF-FA95875FEBD9 (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.7s.5:*:*:*:*:*:*:* (string)

matchCriteriaId : A6279ABA-4C68-4349-A4B4-B29D7F7401C4 (string)

vulnerable : true (boolean)

}

29 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.7s.6:*:*:*:*:*:*:* (string)

matchCriteriaId : E803D8C7-E567-4C6F-ADE3-C247B7C3E98C (string)

vulnerable : true (boolean)

}

30 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.7s.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 5A6A4782-7B98-4696-A762-FDE55CB9E729 (string)

vulnerable : true (boolean)

}

31 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.8s:*:*:*:*:*:*:* (string)

matchCriteriaId : 54FEE2D8-2507-4485-A6D2-82393AB19C7A (string)

vulnerable : true (boolean)

}

32 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.8s.0:*:*:*:*:*:*:* (string)

matchCriteriaId : E9A1B891-8AB7-493C-93FF-3D1FA5DFA19A (string)

vulnerable : true (boolean)

}

33 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.8s.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 20BF8AA3-610B-4168-922D-2847958EFFA5 (string)

vulnerable : true (boolean)

}

34 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.8s.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 6E6BBADF-5DAF-41CE-B6CC-5D7E498E085B (string)

vulnerable : true (boolean)

}

35 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.9s.0:*:*:*:*:*:*:* (string)

matchCriteriaId : AEA1B7A4-6B48-4D0C-BA58-EE0E34DDB07E (string)

vulnerable : true (boolean)

}

36 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.9s.1:*:*:*:*:*:*:* (string)

matchCriteriaId : FF17206A-27BA-4914-8BB5-4F031D88EA4A (string)

vulnerable : true (boolean)

}

37 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.9s.2:*:*:*:*:*:*:* (string)

matchCriteriaId : AEC4E92B-1752-438D-BF43-4D93938C6776 (string)

vulnerable : true (boolean)

}

38 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.10s.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 5C1C77A7-FCD5-4558-A351-081D6678DB21 (string)

vulnerable : true (boolean)

}

39 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.10s.0a:*:*:*:*:*:*:* (string)

matchCriteriaId : A9B42071-2BAA-4459-B575-EBD72A111381 (string)

vulnerable : true (boolean)

}

40 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.10s.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 24C948D8-C540-4FF1-A9F7-BFB20E5541FE (string)

vulnerable : true (boolean)

}

41 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.10s.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 7AF1294B-B4F6-40CC-A115-942B18CDA361 (string)

vulnerable : true (boolean)

}

42 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.10s.3:*:*:*:*:*:*:* (string)

matchCriteriaId : B72E6572-FF41-4606-9DA5-FA486D591A58 (string)

vulnerable : true (boolean)

}

43 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.11s.0:*:*:*:*:*:*:* (string)

matchCriteriaId : C0A98DFE-18FF-455A-AFA6-49960CB98C85 (string)

vulnerable : true (boolean)

}

44 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.11s.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 277C9543-A842-45AB-A2EF-DB2F8412D748 (string)

vulnerable : true (boolean)

}

45 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.11s.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 6C942D30-8344-425E-804E-E1BB1F1F0D22 (string)

vulnerable : true (boolean)

}

46 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.12s.0:*:*:*:*:*:*:* (string)

matchCriteriaId : E5E6FF1A-D90D-412A-8159-E766DC14FA57 (string)

vulnerable : true (boolean)

}

47 : { »

criteria : cpe:2.3:o:cisco:ios_xe:3.12s.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 84E6DEE6-50EF-4333-B0B9-964A633734D1 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741. (string)

}

1 : { »

lang : es (string)

value : La característica high-speed logging (HSL) en Cisco IOS XE 2.x y 3.x anterior a 3.10.4S, 3.11 anterior a 3.11.3S, 3.12 anterior a 3.12.1S, 3.13 anterior a 3.13.0S, 3.14 anterior a 3.14.0S, y 3.15 anterior a 3.15.0S permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de paquetes IP grandes que requieren el procesamiento NAT y HSL después de la fragmentación, también conocido como Bug ID CSCuo25741. (string)

}

]

id : CVE-2015-0640 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 7.8 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:N/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 6.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2015-03-26T10:59:06.270 (string)

references : [ »

0 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe (string)

}

1 : { »

source : psirt@cisco.com (string)

url : http://www.securitytracker.com/id/1031981 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securitytracker.com/id/1031981 (string)

}

]

sourceIdentifier : psirt@cisco.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-20 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object