What is the severity of CVE-2015-0648?

CVE-2015-0648 is classified as a high severity vulnerability due to the potential for remote denial of service.

How do I fix CVE-2015-0648?

To fix CVE-2015-0648, it is recommended to upgrade Cisco IOS to a version that addresses this vulnerability.

What types of devices are affected by CVE-2015-0648?

CVE-2015-0648 affects Cisco IOS versions 12.2, 12.4, 15.0, 15.2, and 15.3 running on various Cisco networking devices.

What is the impact of CVE-2015-0648 on affected systems?

The impact of CVE-2015-0648 includes a memory leak that can lead to exhaustion of system resources and denial of service.

Can CVE-2015-0648 be exploited remotely?

Yes, CVE-2015-0648 can be exploited remotely through crafted Common Industrial Protocol (CIP) TCP packets.

Vulnerability/
CVE-2015-0648

high

7.8

CWE

399

26/3/2015

CVE-2015-0648

First published: Thu Mar 26 2015(Updated: )

Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco IOS	=12.2\(33\)ird1
Cisco IOS	=12.2\(33\)ire3
Cisco IOS	=12.2\(33\)sxi4b
Cisco IOS	=12.2\(44\)ex
Cisco IOS	=12.2\(44\)ex1
Cisco IOS	=12.2\(44\)sq1
Cisco IOS	=12.2\(46\)se
Cisco IOS	=12.2\(46\)se1
Cisco IOS	=12.2\(46\)se2
Cisco IOS	=12.2\(50\)se
Cisco IOS	=12.2\(50\)se1
Cisco IOS	=12.2\(50\)se2
Cisco IOS	=12.2\(50\)se3
Cisco IOS	=12.2\(50\)se4
Cisco IOS	=12.2\(50\)se5
Cisco IOS	=12.2\(52\)se
Cisco IOS	=12.2\(52\)se1
Cisco IOS	=12.2\(55\)se
Cisco IOS	=12.2\(55\)se3
Cisco IOS	=12.2\(55\)se4
Cisco IOS	=12.2\(55\)se5
Cisco IOS	=12.2\(55\)se6
Cisco IOS	=12.2\(55\)se7
Cisco IOS	=12.2\(55\)se8
Cisco IOS	=12.2\(55\)se9
Cisco IOS	=12.2\(58\)se2
Cisco IOS	=12.4\(25e\)jam1
Cisco IOS	=12.4\(25e\)jap1m
Cisco IOS	=12.4\(25e\)jaz1
Cisco IOS	=15.0\(1\)ey
Cisco IOS	=15.0\(1\)ey1
Cisco IOS	=15.0\(1\)ey2
Cisco IOS	=15.0\(2\)eb
Cisco IOS	=15.0\(2\)ed1
Cisco IOS	=15.0\(2\)ey
Cisco IOS	=15.0\(2\)ey1
Cisco IOS	=15.0\(2\)ey2
Cisco IOS	=15.0\(2\)ey3
Cisco IOS	=15.0\(2\)se
Cisco IOS	=15.0\(2\)se1
Cisco IOS	=15.0\(2\)se2
Cisco IOS	=15.0\(2\)se3
Cisco IOS	=15.0\(2\)se4
Cisco IOS	=15.0\(2\)se5
Cisco IOS	=15.0\(2\)se6
Cisco IOS	=15.0\(2\)se7
Cisco IOS	=15.2\(1\)ex
Cisco IOS	=15.2\(1\)ey
Cisco IOS	=15.2\(2\)e
Cisco IOS	=15.2\(2\)e1
Cisco IOS	=15.2\(2\)jb1
Cisco IOS	=15.3\(2\)s2
Cisco IOS	=15.3\(3\)ja
Cisco IOS	=15.3\(3\)ja1
Cisco IOS	=15.3\(3\)ja1m
Cisco IOS	=15.3\(3\)ja1n
Cisco IOS	=15.3\(3\)jaa
Cisco IOS	=15.3\(3\)jab
Cisco IOS	=15.3\(3\)jab1
Cisco IOS	=15.3\(3\)jn
Cisco IOS	=15.3\(3\)jnb

Never miss a vulnerability like this again

Reference Links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip

Frequently Asked Questions

What is the severity of CVE-2015-0648?
CVE-2015-0648 is classified as a high severity vulnerability due to the potential for remote denial of service.
How do I fix CVE-2015-0648?
To fix CVE-2015-0648, it is recommended to upgrade Cisco IOS to a version that addresses this vulnerability.
What types of devices are affected by CVE-2015-0648?
CVE-2015-0648 affects Cisco IOS versions 12.2, 12.4, 15.0, 15.2, and 15.3 running on various Cisco networking devices.
What is the impact of CVE-2015-0648 on affected systems?
The impact of CVE-2015-0648 includes a memory leak that can lead to exhaustion of system resources and denial of service.
Can CVE-2015-0648 be exploited remotely?
Yes, CVE-2015-0648 can be exploited remotely through crafted Common Industrial Protocol (CIP) TCP packets.

collector/nvd-index
vendor/cisco
canonical/cisco ios
version/cisco ios/12.2\(33\)ird1
version/cisco ios/12.2\(33\)ire3
version/cisco ios/12.2\(33\)sxi4b
version/cisco ios/12.2\(44\)ex
version/cisco ios/12.2\(44\)ex1
version/cisco ios/12.2\(44\)sq1
version/cisco ios/12.2\(46\)se
version/cisco ios/12.2\(46\)se1
version/cisco ios/12.2\(46\)se2
version/cisco ios/12.2\(50\)se
version/cisco ios/12.2\(50\)se1
version/cisco ios/12.2\(50\)se2
version/cisco ios/12.2\(50\)se3
version/cisco ios/12.2\(50\)se4
version/cisco ios/12.2\(50\)se5
version/cisco ios/12.2\(52\)se
version/cisco ios/12.2\(52\)se1
version/cisco ios/12.2\(55\)se
version/cisco ios/12.2\(55\)se3
version/cisco ios/12.2\(55\)se4
version/cisco ios/12.2\(55\)se5
version/cisco ios/12.2\(55\)se6
version/cisco ios/12.2\(55\)se7
version/cisco ios/12.2\(55\)se8
version/cisco ios/12.2\(55\)se9
version/cisco ios/12.2\(58\)se2
version/cisco ios/12.4\(25e\)jam1
version/cisco ios/12.4\(25e\)jap1m
version/cisco ios/12.4\(25e\)jaz1
version/cisco ios/15.0\(1\)ey
version/cisco ios/15.0\(1\)ey1
version/cisco ios/15.0\(1\)ey2
version/cisco ios/15.0\(2\)eb
version/cisco ios/15.0\(2\)ed1
version/cisco ios/15.0\(2\)ey
version/cisco ios/15.0\(2\)ey1
version/cisco ios/15.0\(2\)ey2
version/cisco ios/15.0\(2\)ey3
version/cisco ios/15.0\(2\)se
version/cisco ios/15.0\(2\)se1
version/cisco ios/15.0\(2\)se2
version/cisco ios/15.0\(2\)se3
version/cisco ios/15.0\(2\)se4
version/cisco ios/15.0\(2\)se5
version/cisco ios/15.0\(2\)se6
version/cisco ios/15.0\(2\)se7
version/cisco ios/15.2\(1\)ex
version/cisco ios/15.2\(1\)ey
version/cisco ios/15.2\(2\)e
version/cisco ios/15.2\(2\)e1
version/cisco ios/15.2\(2\)jb1
version/cisco ios/15.3\(2\)s2
version/cisco ios/15.3\(3\)ja
version/cisco ios/15.3\(3\)ja1
version/cisco ios/15.3\(3\)ja1m
version/cisco ios/15.3\(3\)ja1n
version/cisco ios/15.3\(3\)jaa
version/cisco ios/15.3\(3\)jab
version/cisco ios/15.3\(3\)jab1
version/cisco ios/15.3\(3\)jn
version/cisco ios/15.3\(3\)jnb

CVE-2015-0648

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-0648?

How do I fix CVE-2015-0648?

What types of devices are affected by CVE-2015-0648?

What is the impact of CVE-2015-0648 on affected systems?

Can CVE-2015-0648 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2015-0648?

How do I fix CVE-2015-0648?

What types of devices are affected by CVE-2015-0648?

What is the impact of CVE-2015-0648 on affected systems?

Can CVE-2015-0648 be exploited remotely?