Sign-up

ID

VAR-201502-0140


CVE

CVE-2015-0606


TITLE

Cisco IOS of IOS Shell Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-001484

DESCRIPTION

The IOS Shell in Cisco IOS allows local users to cause a denial of service (device crash) via unspecified commands, aka Bug ID CSCur59696. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. This issue is being tracked by Cisco bug ID CSCur59696. The vulnerability is caused by the program not handling IOS Shell commands correctly

Trust: 2.61

sources: NVD: CVE-2015-0606 // JVNDB: JVNDB-2015-001484 // CNVD: CNVD-2015-01142 // BID: 72550 // VULHUB: VHN-78552 // VULMON: CVE-2015-0606

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2015-01142

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:15.0(2a)se6

Trust: 0.8

vendor:ciscomodel:ios softwarescope: - version: -

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:0

Trust: 0.3

sources: CNVD: CNVD-2015-01142 // BID: 72550 // JVNDB: JVNDB-2015-001484 // CNNVD: CNNVD-201502-267 // NVD: CVE-2015-0606

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-0606
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-0606
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2015-01142
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201502-267
value: MEDIUM

Trust: 0.6

VULHUB: VHN-78552
value: MEDIUM

Trust: 0.1

VULMON: CVE-2015-0606
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-0606
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2015-01142
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:S/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.1
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-78552
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2015-01142 // VULHUB: VHN-78552 // VULMON: CVE-2015-0606 // JVNDB: JVNDB-2015-001484 // CNNVD: CNNVD-201502-267 // NVD: CVE-2015-0606

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-78552 // JVNDB: JVNDB-2015-001484 // NVD: CVE-2015-0606

THREAT TYPE

local

Trust: 0.9

sources: BID: 72550 // CNNVD: CNNVD-201502-267

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201502-267

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-001484

PATCH
title:Cisco IOS Shell Denial of Service Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0606
Trust: 0.8
title:37409url:http://tools.cisco.com/security/center/viewAlert.x?alertId=37409
Trust: 0.8
title:Patch for Cisco IOS Software Local Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/55301
Trust: 0.6
title:Cisco: Cisco IOS Shell Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=Cisco-SA-20150210-CVE-2015-0606
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2015-01142 // 
            
            
            
            VULMON: CVE-2015-0606 // 
            
            
            
            JVNDB: JVNDB-2015-001484

EXTERNAL IDS
db:NVDid:CVE-2015-0606
Trust: 3.5
db:BIDid:72550
Trust: 2.1
db:SECTRACKid:1031717
Trust: 1.2
db:JVNDBid:JVNDB-2015-001484
Trust: 0.8
db:CNNVDid:CNNVD-201502-267
Trust: 0.7
db:CNVDid:CNVD-2015-01142
Trust: 0.6
db:VULHUBid:VHN-78552
Trust: 0.1
db:VULMONid:CVE-2015-0606
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2015-01142 // 
            
            
            
            VULHUB: VHN-78552 // 
            
            
            
            VULMON: CVE-2015-0606 // 
            
            
            
            BID: 72550 // 
            
            
            
            JVNDB: JVNDB-2015-001484 // 
            
            
            
            CNNVD: CNNVD-201502-267 // 
            
            
            
            NVD: CVE-2015-0606

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2015-0606
Trust: 2.4
url:http://www.securityfocus.com/bid/72550
Trust: 1.2
url:http://www.securitytracker.com/id/1031717
Trust: 1.2
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/100810
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0606
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0606
Trust: 0.8
url:http://www.securityfocus.com/bid/72550/info
Trust: 0.6
url:http://www.cisco.com
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/20.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150210-cve-2015-0606
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2015-01142 // 
            
            
            
            VULHUB: VHN-78552 // 
            
            
            
            VULMON: CVE-2015-0606 // 
            
            
            
            BID: 72550 // 
            
            
            
            JVNDB: JVNDB-2015-001484 // 
            
            
            
            CNNVD: CNNVD-201502-267 // 
            
            
            
            NVD: CVE-2015-0606

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 72550

SOURCES
db:CNVDid:CNVD-2015-01142
db:VULHUBid:VHN-78552
db:VULMONid:CVE-2015-0606
db:BIDid:72550
db:JVNDBid:JVNDB-2015-001484
db:CNNVDid:CNNVD-201502-267
db:NVDid:CVE-2015-0606

LAST UPDATE DATE
2025-04-13T23:27:34.389000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2015-01142date:2015-02-13T00:00:00
db:VULHUBid:VHN-78552date:2017-09-08T00:00:00
db:VULMONid:CVE-2015-0606date:2017-09-08T00:00:00
db:BIDid:72550date:2015-02-10T00:00:00
db:JVNDBid:JVNDB-2015-001484date:2015-02-17T00:00:00
db:CNNVDid:CNNVD-201502-267date:2015-02-12T00:00:00
db:NVDid:CVE-2015-0606date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2015-01142date:2015-02-13T00:00:00
db:VULHUBid:VHN-78552date:2015-02-12T00:00:00
db:VULMONid:CVE-2015-0606date:2015-02-12T00:00:00
db:BIDid:72550date:2015-02-10T00:00:00
db:JVNDBid:JVNDB-2015-001484date:2015-02-17T00:00:00
db:CNNVDid:CNNVD-201502-267date:2015-02-12T00:00:00
db:NVDid:CVE-2015-0606date:2015-02-12T01:59:23.703