CVE-2015-0648

Severity

78%

Complexity

99%

Confidentiality

115%

Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658.

Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658.

CVSS 2.0 Base Score 7.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C).

Overview

First reported 9 years ago

2015-03-26 10:59:00

Last updated 9 years ago

2015-03-26 17:52:00

Affected Software

Cisco IOS 12.2(33)IRD1

12.2\(33\)ird1

Cisco IOS 12.2(33)IRE3

12.2\(33\)ire3

Cisco IOS 12.2(33)SXI4B

12.2\(33\)sxi4b

Cisco IOS 12.2(44)EX

12.2\(44\)ex

Cisco IOS 12.2(44)EX1

12.2\(44\)ex1

Cisco IOS 12.2(44)SQ1

12.2\(44\)sq1

Cisco IOS 12.2(46)SE

12.2\(46\)se

Cisco IOS 12.2(46)SE1

12.2\(46\)se1

Cisco IOS 12.2(46)SE2

12.2\(46\)se2

Cisco IOS 12.2(50)SE

12.2\(50\)se

Cisco IOS 12.2(50)SE1

12.2\(50\)se1

Cisco IOS 12.2(50)SE2

12.2\(50\)se2

Cisco IOS 12.2(50)SE3

12.2\(50\)se3

Cisco IOS 12.2(50)SE4

12.2\(50\)se4

Cisco IOS 12.2(50)SE5

12.2\(50\)se5

Cisco IOS 12.2 (52)SE

12.2\(52\)se

Cisco IOS 12.2 (52)SE1

12.2\(52\)se1

Cisco IOS 12.2(55)SE

12.2\(55\)se

Cisco IOS 12.2(55)SE3

12.2\(55\)se3

Cisco IOS 12.2(55)SE4

12.2\(55\)se4

Cisco IOS 12.2(55)SE5

12.2\(55\)se5

Cisco IOS 12.2(55)SE6

12.2\(55\)se6

Cisco IOS 12.2(55)SE7

12.2\(55\)se7

Cisco IOS 12.2(55)SE8

12.2\(55\)se8

Cisco IOS 12.2(55)SE9

12.2\(55\)se9

Cisco IOS 12.2(58)SE2

12.2\(58\)se2

Cisco IOS 12.4(25E)JAM1

12.4\(25e\)jam1

Cisco IOS 12.4(25E)JAP1M

12.4\(25e\)jap1m

Cisco IOS 12.4(25E)JAZ1

12.4\(25e\)jaz1

Cisco IOS 15.0(1)EY

15.0\(1\)ey

Cisco IOS 15.0(1)EY1

15.0\(1\)ey1

Cisco IOS 15.0(1)EY2

15.0\(1\)ey2

Cisco IOS 15.0(2)EB

15.0\(2\)eb

Cisco IOS 15.0(2)ED1

15.0\(2\)ed1

Cisco IOS 15.0(2)EY

15.0\(2\)ey

Cisco IOS 15.0(2)EY1

15.0\(2\)ey1

Cisco IOS 15.0(2)EY2

15.0\(2\)ey2

Cisco IOS 15.0(2)EY3

15.0\(2\)ey3

Cisco IOS 15.0(2)SE

15.0\(2\)se

Cisco IOS 15.0(2)SE1

15.0\(2\)se1

Cisco IOS 15.0(2)SE2

15.0\(2\)se2

Cisco IOS 15.0(2)SE3

15.0\(2\)se3

Cisco IOS 15.0(2)SE4

15.0\(2\)se4

Cisco IOS 15.0(2)SE5

15.0\(2\)se5

Cisco IOS 15.0(2)SE6

15.0\(2\)se6

Cisco IOS 15.0(2)SE7

15.0\(2\)se7

Cisco IOS 15.2(1)EX

15.2\(1\)ex

Cisco IOS 15.2(1)EY

15.2\(1\)ey

Cisco IOS 15.2(2)E

15.2\(2\)e

Cisco IOS 15.2(2)E1

15.2\(2\)e1

Cisco IOS 15.2(2)JB1

15.2\(2\)jb1

Cisco IOS 15.3(2)S2

15.3\(2\)s2

Cisco IOS 15.3(3)JA

15.3\(3\)ja

Cisco IOS 15.3(3)JA1

15.3\(3\)ja1

Cisco IOS 15.3(3)JA1M

15.3\(3\)ja1m

Cisco IOS 15.3(3)JA1N

15.3\(3\)ja1n

Cisco IOS 15.3(3)JAA

15.3\(3\)jaa

Cisco IOS 15.3(3)JAB

15.3\(3\)jab

15.3(3)JAB1

15.3\(3\)jab1

Cisco IOS 15.3(3)JN

15.3\(3\)jn

Cisco IOS 15.3(3)JNB

15.3\(3\)jnb

References

20150325 Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.