CVE-2015-0635: Input Validation
First published: Thu Mar 26 2015(Updated: )
The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS XE Software | =3.10s.0 | |
| Cisco IOS XE Software | =3.10s.1 | |
| Cisco IOS XE Software | =3.10s.2 | |
| Cisco IOS XE Software | =3.10s.3 | |
| Cisco IOS XE Software | =3.10s.4 | |
| Cisco IOS XE Software | =3.10s.5 | |
| Cisco IOS XE Software | =3.11s.0 | |
| Cisco IOS XE Software | =3.11s.1 | |
| Cisco IOS XE Software | =3.11s.2 | |
| Cisco IOS XE Software | =3.11s.3 | |
| Cisco IOS XE Software | =3.12s.0 | |
| Cisco IOS XE Software | =3.12s.1 | |
| Cisco IOS XE Software | =3.12s.2 | |
| Cisco IOS XE Software | =3.13s.0 | |
| Cisco IOS | =12.2\(33\)ird1 | |
| Cisco IOS | =12.2\(33\)ire3 | |
| Cisco IOS | =12.2\(33\)sxi4b | |
| Cisco IOS | =12.2\(44\)sq1 | |
| Cisco IOS | =12.4\(25e\)jam1 | |
| Cisco IOS | =12.4\(25e\)jap1m | |
| Cisco IOS | =12.4\(25e\)jaz1 | |
| Cisco IOS | =15.0\(2\)ed1 | |
| Cisco IOS | =15.2\(1\)ex | |
| Cisco IOS | =15.2\(2\)jb1 | |
| Cisco IOS | =15.3\(2\)s2 | |
| Cisco IOS | =15.3\(3\)ja1n | |
| Cisco IOS | =15.3\(3\)jab1 | |
| Cisco IOS | =15.3\(3\)jn | |
| Cisco IOS | =15.3\(3\)jnb | |
| Cisco IOS | =15.3\(3\)s | |
| Cisco IOS | =15.3\(3\)s1 | |
| Cisco IOS | =15.3\(3\)s2 | |
| Cisco IOS | =15.3\(3\)s3 | |
| Cisco IOS | =15.3\(3\)s4 | |
| Cisco IOS | =15.3\(3\)s5 | |
| Cisco IOS | =15.4\(1\)s | |
| Cisco IOS | =15.4\(1\)s1 | |
| Cisco IOS | =15.4\(1\)s2 | |
| Cisco IOS | =15.4\(1\)s3 | |
| Cisco IOS | =15.4\(2\)s | |
| Cisco IOS | =15.4\(2\)s1 | |
| Cisco IOS | =15.4\(2\)s2 | |
| Cisco IOS | =15.4\(3\)s |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-0635?
The severity of CVE-2015-0635 is evaluated as high due to its potential for remote exploitation and bypassing device authentication mechanisms.
How do I fix CVE-2015-0635?
To fix CVE-2015-0635, update your Cisco IOS or IOS XE to the latest version recommended by Cisco that addresses the vulnerability.
What are the affected software versions for CVE-2015-0635?
CVE-2015-0635 affects multiple versions of Cisco IOS including 12.2, 12.4, 15.0 through 15.4, and IOS XE 3.10.xS through 3.13.1S.
What systems are impacted by CVE-2015-0635?
Systems running vulnerable versions of Cisco IOS and IOS XE that utilize the Autonomic Networking Infrastructure feature are impacted by CVE-2015-0635.
Can CVE-2015-0635 be exploited remotely?
Yes, CVE-2015-0635 can be exploited remotely, allowing attackers to spoof responses from the Autonomic Networking Registration Authority.
- agent/type
- agent/references
- agent/last-modified-date
- agent/first-publish-date
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/event
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco ios xe
- version/cisco ios xe/3.10s.0
- version/cisco ios xe/3.10s.1
- version/cisco ios xe/3.10s.2
- version/cisco ios xe/3.10s.3
- version/cisco ios xe/3.10s.4
- version/cisco ios xe/3.10s.5
- version/cisco ios xe/3.11s.0
- version/cisco ios xe/3.11s.1
- version/cisco ios xe/3.11s.2
- version/cisco ios xe/3.11s.3
- version/cisco ios xe/3.12s.0
- version/cisco ios xe/3.12s.1
- version/cisco ios xe/3.12s.2
- version/cisco ios xe/3.13s.0
- canonical/cisco ios
- version/cisco ios/12.2\(33\)ird1
- version/cisco ios/12.2\(33\)ire3
- version/cisco ios/12.2\(33\)sxi4b
- version/cisco ios/12.2\(44\)sq1
- version/cisco ios/12.4\(25e\)jam1
- version/cisco ios/12.4\(25e\)jap1m
- version/cisco ios/12.4\(25e\)jaz1
- version/cisco ios/15.0\(2\)ed1
- version/cisco ios/15.2\(1\)ex
- version/cisco ios/15.2\(2\)jb1
- version/cisco ios/15.3\(2\)s2
- version/cisco ios/15.3\(3\)ja1n
- version/cisco ios/15.3\(3\)jab1
- version/cisco ios/15.3\(3\)jn
- version/cisco ios/15.3\(3\)jnb
- version/cisco ios/15.3\(3\)s
- version/cisco ios/15.3\(3\)s1
- version/cisco ios/15.3\(3\)s2
- version/cisco ios/15.3\(3\)s3
- version/cisco ios/15.3\(3\)s4
- version/cisco ios/15.3\(3\)s5
- version/cisco ios/15.4\(1\)s
- version/cisco ios/15.4\(1\)s1
- version/cisco ios/15.4\(1\)s2
- version/cisco ios/15.4\(1\)s3
- version/cisco ios/15.4\(2\)s
- version/cisco ios/15.4\(2\)s1
- version/cisco ios/15.4\(2\)s2
- version/cisco ios/15.4\(3\)s