ID
VAR-201502-0123
CVE
CVE-2015-0593
TITLE
Cisco IOS of Zone-Based Firewall Service disruption in implementations (DoS) Vulnerabilities
Trust: 0.8
sources:
JVNDB: JVNDB-2015-001497
DESCRIPTION
The Zone-Based Firewall implementation in Cisco IOS 12.4(122)T and earlier does not properly manage session-object structures, which allows remote attackers to cause a denial of service (device reload) via crafted network traffic, aka Bug ID CSCul65003. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Cisco IOS Software is prone to a denial-of-service vulnerability. This issue is being tracked by Cisco Bug ID CSCul65003. The vulnerability is caused by the incorrect management of the session-object structure in the program
Trust: 2.52
sources:
NVD: CVE-2015-0593 //
JVNDB: JVNDB-2015-001497 //
CNVD: CNVD-2015-01043 //
BID: 72549 //
VULHUB: VHN-78539
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2015-01043
AFFECTED PRODUCTS
| vendor: | cisco | model: | ios 12.4 t1 | scope: | - | version: | - | Trust: 2.7 |
| vendor: | cisco | model: | ios 12.4 t | scope: | - | version: | - | Trust: 2.7 |
| vendor: | cisco | model: | ios 12.4 t2 | scope: | - | version: | - | Trust: 2.4 |
| vendor: | cisco | model: | ios 12.4 t4 | scope: | - | version: | - | Trust: 2.1 |
| vendor: | cisco | model: | ios 12.4 t3 | scope: | - | version: | - | Trust: 2.1 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(1.12\)t | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(1.19\)t | Trust: 1.6 |
| vendor: | cisco | model: | ios 12.4 t7 | scope: | - | version: | - | Trust: 1.5 |
| vendor: | cisco | model: | ios 12.4 t6 | scope: | - | version: | - | Trust: 1.5 |
| vendor: | cisco | model: | ios 12.4 t5 | scope: | - | version: | - | Trust: 1.2 |
| vendor: | cisco | model: | ios 12.4 t8 | scope: | - | version: | - | Trust: 0.9 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4(1.12)t | Trust: 0.8 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4(1.19)t | Trust: 0.8 |
| vendor: | cisco | model: | ios software | scope: | - | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ios 12.4 t9 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ios 12.4 t10 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ios 12.4 t16 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.4 t11 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.4 t17 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.4 t12 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.4 t15 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.4 t6a | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.4t | scope: | - | version: | - | Trust: 0.3 |
sources:
CNVD: CNVD-2015-01043 //
BID: 72549 //
JVNDB: JVNDB-2015-001497 //
CNNVD: CNNVD-201502-276 //
NVD: CVE-2015-0593
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
CNVD: CNVD-2015-01043 //
VULHUB: VHN-78539 //
JVNDB: JVNDB-2015-001497 //
CNNVD: CNNVD-201502-276 //
NVD: CVE-2015-0593
PROBLEMTYPE DATA
| problemtype: | CWE-399 | Trust: 1.9 |
sources:
VULHUB: VHN-78539 //
JVNDB: JVNDB-2015-001497 //
NVD: CVE-2015-0593
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201502-276
TYPE
resource management error
Trust: 0.6
sources:
CNNVD: CNNVD-201502-276
CONFIGURATIONS
sources:
JVNDB: JVNDB-2015-001497
PATCH
| title: | CSCul65003 | url: | https://tools.cisco.com/quickview/bug/CSCul65003 | Trust: 0.8 |
| title: | Cisco IOS Software Zone-Based Firewall Vulnerability | url: | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0593 | Trust: 0.8 |
| title: | 37417 | url: | http://tools.cisco.com/security/center/viewAlert.x?alertId=37417 | Trust: 0.8 |
| title: | Patch for Cisco IOS Software Denial of Service Vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/55302 | Trust: 0.6 |
sources:
CNVD: CNVD-2015-01043 //
JVNDB: JVNDB-2015-001497
EXTERNAL IDS
| db: | NVD | id: | CVE-2015-0593 | Trust: 3.4 |
| db: | BID | id: | 72549 | Trust: 2.6 |
| db: | JVNDB | id: | JVNDB-2015-001497 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201502-276 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2015-01043 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-78539 | Trust: 0.1 |
sources:
CNVD: CNVD-2015-01043 //
VULHUB: VHN-78539 //
BID: 72549 //
JVNDB: JVNDB-2015-001497 //
CNNVD: CNNVD-201502-276 //
NVD: CVE-2015-0593
REFERENCES
| url: | http://www.securityfocus.com/bid/72549 | Trust: 2.3 |
| url: | http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2015-0593 | Trust: 1.7 |
| url: | http://tools.cisco.com/security/center/viewalert.x?alertid=37417 | Trust: 1.7 |
| url: | https://exchange.xforce.ibmcloud.com/vulnerabilities/100757 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0593 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0593 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
sources:
CNVD: CNVD-2015-01043 //
VULHUB: VHN-78539 //
BID: 72549 //
JVNDB: JVNDB-2015-001497 //
CNNVD: CNNVD-201502-276 //
NVD: CVE-2015-0593
CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
BID: 72549
SOURCES
| db: | CNVD | id: | CNVD-2015-01043 |
| db: | VULHUB | id: | VHN-78539 |
| db: | BID | id: | 72549 |
| db: | JVNDB | id: | JVNDB-2015-001497 |
| db: | CNNVD | id: | CNNVD-201502-276 |
| db: | NVD | id: | CVE-2015-0593 |
LAST UPDATE DATE
2025-04-13T23:18:12.130000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2015-01043 | date: | 2015-02-12T00:00:00 |
| db: | VULHUB | id: | VHN-78539 | date: | 2017-09-08T00:00:00 |
| db: | BID | id: | 72549 | date: | 2015-02-16T00:04:00 |
| db: | JVNDB | id: | JVNDB-2015-001497 | date: | 2015-03-03T00:00:00 |
| db: | CNNVD | id: | CNNVD-201502-276 | date: | 2015-02-15T00:00:00 |
| db: | NVD | id: | CVE-2015-0593 | date: | 2025-04-12T10:46:40.837 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2015-01043 | date: | 2015-02-12T00:00:00 |
| db: | VULHUB | id: | VHN-78539 | date: | 2015-02-13T00:00:00 |
| db: | BID | id: | 72549 | date: | 2015-02-09T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-001497 | date: | 2015-02-18T00:00:00 |
| db: | CNNVD | id: | CNNVD-201502-276 | date: | 2015-02-13T00:00:00 |
| db: | NVD | id: | CVE-2015-0593 | date: | 2015-02-13T02:59:09.063 |