CVE-2015-0649

Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun63514.

Published: Mar 26, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-0649
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
cisco / ios	15.0(1)ey	15.0(1)ey.x
cisco / ios	15.3(3)jn	15.3(3)jn.x
cisco / ios	15.0(2)ed1	15.0(2)ed1.x
cisco / ios	15.3(3)jab1	15.3(3)jab1.x
cisco / ios	15.0(2)ey1	15.0(2)ey1.x
cisco / ios	15.0(2)ey	15.0(2)ey.x
cisco / ios	15.0(2)eb	15.0(2)eb.x
cisco / ios	15.2(2)jb1	15.2(2)jb1.x
cisco / ios	12.2(55)se8	12.2(55)se8.x
cisco / ios	15.0(2)se4	15.0(2)se4.x
cisco / ios	15.0(2)ey2	15.0(2)ey2.x
cisco / ios	12.4(25e)jaz1	12.4(25e)jaz1.x
cisco / ios	12.2(55)se9	12.2(55)se9.x
cisco / ios	12.2(55)se7	12.2(55)se7.x
cisco / ios	15.3(3)ja1n	15.3(3)ja1n.x
cisco / ios	12.2(55)se	12.2(55)se.x
cisco / ios	15.2(2)e1	15.2(2)e1.x
cisco / ios	15.2(1)ex	15.2(1)ex.x
cisco / ios	15.0(2)se3	15.0(2)se3.x
cisco / ios	15.3(3)jnb	15.3(3)jnb.x
cisco / ios	12.2(33)ird1	12.2(33)ird1.x
cisco / ios	15.2(2)e	15.2(2)e.x
cisco / ios	15.0(2)se	15.0(2)se.x
cisco / ios	12.2(33)ire3	12.2(33)ire3.x
cisco / ios	12.2(52)se1	12.2(52)se1.x
cisco / ios	15.0(2)se2	15.0(2)se2.x
cisco / ios	12.2(55)se4	12.2(55)se4.x
cisco / ios	12.2(44)sq1	12.2(44)sq1.x
cisco / ios	12.2(55)se3	12.2(55)se3.x
cisco / ios	15.2(1)ey	15.2(1)ey.x
cisco / ios	12.2(33)sxi4b	12.2(33)sxi4b.x
cisco / ios	15.3(2)s2	15.3(2)s2.x
cisco / ios	15.0(2)se1	15.0(2)se1.x
cisco / ios	15.0(2)se7	15.0(2)se7.x
cisco / ios	15.0(2)se6	15.0(2)se6.x
cisco / ios	12.4(25e)jap1m	12.4(25e)jap1m.x
cisco / ios	15.0(1)ey1	15.0(1)ey1.x
cisco / ios	15.0(1)ey2	15.0(1)ey2.x
cisco / ios	12.2(52)se	12.2(52)se.x
cisco / ios	12.2(55)se6	12.2(55)se6.x
cisco / ios	15.0(2)se5	15.0(2)se5.x
cisco / ios	12.2(58)se2	12.2(58)se2.x
cisco / ios	15.0(2)ey3	15.0(2)ey3.x
cisco / ios	12.2(55)se5	12.2(55)se5.x
cisco / ios	12.4(25e)jam1	12.4(25e)jam1.x

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip

Vulnerability Database

290,273

CVE-2015-0649