Cisco IOS & IOS-XE Multiple Vulnerabilities
Last Update Date:
26 Mar 2015 15:08
Release Date:
26 Mar 2015
3768
Views
RISK: High Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in Cisco IOS, IOS-XE and ASR Series IOS-XE, which could be exploited by remote users to cause denial of service, arbitrary code execution and response spoofing on the target system.
Impact
- Denial of Service
- Remote Code Execution
- Spoofing
System / Technologies affected
- Cisco IOS
- Cisco IOS-XE
- Cisco IOS-XE on Cisco ASR 1000, 4400, and 1000v Series Routers
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ikev2
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-mdns
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip
Vulnerability Identifier
- CVE-2015-0642
- CVE-2015-0643
- CVE-2015-0650
- CVE-2015-0646
- CVE-2015-0645
- CVE-2015-0644
- CVE-2015-0641
- CVE-2015-0640
- CVE-2015-0639
- CVE-2015-0635
- CVE-2015-0636
- CVE-2015-0637
- CVE-2015-0638
- CVE-2015-0647
- CVE-2015-0648
- CVE-2015-0649
Source
Related Link
Share with