2.2.2

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

cisco

CWE-399

NVD

Published: 2015-08-29

Updated: 2017-09-20

Summary

Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted IPv4 UDP packet, aka Bug ID CSCsw95482.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS XE 2.2.1 Cisco IOS XE 2.2.2	2
Hardware	Cisco Cisco ASR 1001 - Cisco ASR 1001 X - Cisco ASR 1002 - Cisco ASR 1002 X - Cisco ASR 1004 - Cisco ASR 1006 - Cisco ASR 1013 -	7

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://tools.cisco.com/security/center/viewAlert.x?alertId=40685
http://www.securitytracker.com/id/1033406