CVE-2015-0636

The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (disrupted domain access) via spoofed AN messages that reset a finite state machine, aka Bug ID CSCup62293.

Published: Mar 26, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-0636
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
cisco / ios_xe	3.13s.0	3.13s.0.x
cisco / ios_xe	3.12s.3	3.12s.3.x
cisco / ios_xe	3.12s.0	3.12s.0.x
cisco / ios_xe	3.12s.1	3.12s.1.x
cisco / ios_xe	3.12s.2	3.12s.2.x
cisco / ios_xe	3.10s.4	3.10s.4.x
cisco / ios	15.4(2)s2	15.4(2)s2.x
cisco / ios	15.3(3)jn	15.3(3)jn.x
cisco / ios	15.0(2)ed1	15.0(2)ed1.x
cisco / ios	15.3(3)jab1	15.3(3)jab1.x
cisco / ios	15.4(1)s	15.4(1)s.x
cisco / ios	15.2(2)jb1	15.2(2)jb1.x
cisco / ios	15.4(1)s1	15.4(1)s1.x
cisco / ios	12.4(25e)jaz1	12.4(25e)jaz1.x
cisco / ios	15.3(3)ja1n	15.3(3)ja1n.x
cisco / ios	15.2(1)ex	15.2(1)ex.x
cisco / ios	15.3(3)jnb	15.3(3)jnb.x
cisco / ios	12.2(33)ird1	12.2(33)ird1.x
cisco / ios	15.4(1)s2	15.4(1)s2.x
cisco / ios	12.2(33)ire3	12.2(33)ire3.x
cisco / ios	12.2(44)sq1	12.2(44)sq1.x
cisco / ios	15.4(1)s3	15.4(1)s3.x
cisco / ios	15.4(2)s1	15.4(2)s1.x
cisco / ios	12.2(33)sxi4b	12.2(33)sxi4b.x
cisco / ios	15.3(2)s2	15.3(2)s2.x
cisco / ios	15.4(2)s	15.4(2)s.x
cisco / ios	15.4(3)s	15.4(3)s.x
cisco / ios	12.4(25e)jap1m	12.4(25e)jap1m.x
cisco / ios	12.4(25e)jam1	12.4(25e)jam1.x

Vulnerability Database

289,784

CVE-2015-0636