Sign-up

ID

VAR-201502-0141


CVE

CVE-2015-0608


TITLE

Cisco IOS of Measurement Service disruption in implementations such as (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-001483

DESCRIPTION

Race condition in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCul48736. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. A denial of service vulnerability exists in Cisco IOS Software that could allow an attacker to reinstall a device and deny service to a legitimate user. Cisco IOS Software is prone to a denial-of-service vulnerability. This issue is being tracked by Cisco Bug ID CSCul48736. Measurement, Aggregation, and Correlation Engine (MACE) is one of the functions for measuring and analyzing network packets

Trust: 2.52

sources: NVD: CVE-2015-0608 // JVNDB: JVNDB-2015-001483 // CNVD: CNVD-2015-01122 // BID: 72566 // VULHUB: VHN-78554

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2015-01122

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:15.4\(2\)t

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:15.4\(1\)t2

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:15.4\(2\)t1

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:15.4t

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:15.4\(1\)t3

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:15.4\(1\)t1

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:15.4\(1\)t4

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:15.4\(2\)t2

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:15.4\(1\)t

Trust: 1.6

vendor:ciscomodel:iosscope:lteversion:15.4\(2\)t3

Trust: 1.0

vendor:ciscomodel:iosscope:lteversion:15.4(2)t3

Trust: 0.8

vendor:ciscomodel:ios softwarescope: - version: -

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:15.4\(2\)t3

Trust: 0.6

sources: CNVD: CNVD-2015-01122 // JVNDB: JVNDB-2015-001483 // CNNVD: CNNVD-201502-268 // NVD: CVE-2015-0608

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-0608
value: HIGH

Trust: 1.0

NVD: CVE-2015-0608
value: HIGH

Trust: 0.8

CNVD: CNVD-2015-01122
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201502-268
value: HIGH

Trust: 0.6

VULHUB: VHN-78554
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-0608
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2015-01122
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-78554
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2015-01122 // VULHUB: VHN-78554 // JVNDB: JVNDB-2015-001483 // CNNVD: CNNVD-201502-268 // NVD: CVE-2015-0608

PROBLEMTYPE DATA

problemtype:CWE-362

Trust: 1.9

sources: VULHUB: VHN-78554 // JVNDB: JVNDB-2015-001483 // NVD: CVE-2015-0608

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201502-268

TYPE

competitive condition

Trust: 0.6

sources: CNNVD: CNNVD-201502-268

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-001483

PATCH
title:Cisco IOS Measurement, Aggregation, and Correlation Engine Denial of Service Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0608
Trust: 0.8
title:37421url:http://tools.cisco.com/security/center/viewAlert.x?alertId=37421
Trust: 0.8
title:Patch for Cisco IOS Software Denial of Service Vulnerability (CNVD-2015-01122)url:https://www.cnvd.org.cn/patchInfo/show/55396
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2015-01122 // 
            
            
            
            JVNDB: JVNDB-2015-001483

EXTERNAL IDS
db:NVDid:CVE-2015-0608
Trust: 3.4
db:BIDid:72566
Trust: 2.0
db:SECTRACKid:1031731
Trust: 1.1
db:JVNDBid:JVNDB-2015-001483
Trust: 0.8
db:CNVDid:CNVD-2015-01122
Trust: 0.6
db:CNNVDid:CNNVD-201502-268
Trust: 0.6
db:VULHUBid:VHN-78554
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2015-01122 // 
            
            
            
            VULHUB: VHN-78554 // 
            
            
            
            BID: 72566 // 
            
            
            
            JVNDB: JVNDB-2015-001483 // 
            
            
            
            CNNVD: CNNVD-201502-268 // 
            
            
            
            NVD: CVE-2015-0608

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2015-0608
Trust: 2.3
url:http://tools.cisco.com/security/center/viewalert.x?alertid=37421
Trust: 1.7
url:http://www.securityfocus.com/bid/72566
Trust: 1.1
url:http://www.securitytracker.com/id/1031731
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/100808
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0608
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0608
Trust: 0.8
url:http://www.securityfocus.com/bid/72566/info
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2015-01122 // 
            
            
            
            VULHUB: VHN-78554 // 
            
            
            
            BID: 72566 // 
            
            
            
            JVNDB: JVNDB-2015-001483 // 
            
            
            
            CNNVD: CNNVD-201502-268 // 
            
            
            
            NVD: CVE-2015-0608

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 72566

SOURCES
db:CNVDid:CNVD-2015-01122
db:VULHUBid:VHN-78554
db:BIDid:72566
db:JVNDBid:JVNDB-2015-001483
db:CNNVDid:CNNVD-201502-268
db:NVDid:CVE-2015-0608

LAST UPDATE DATE
2025-04-13T23:21:18.651000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2015-01122date:2015-02-13T00:00:00
db:VULHUBid:VHN-78554date:2017-09-08T00:00:00
db:BIDid:72566date:2015-02-16T00:04:00
db:JVNDBid:JVNDB-2015-001483date:2015-02-17T00:00:00
db:CNNVDid:CNNVD-201502-268date:2015-02-12T00:00:00
db:NVDid:CVE-2015-0608date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2015-01122date:2015-02-13T00:00:00
db:VULHUBid:VHN-78554date:2015-02-12T00:00:00
db:BIDid:72566date:2015-02-11T00:00:00
db:JVNDBid:JVNDB-2015-001483date:2015-02-17T00:00:00
db:CNNVDid:CNNVD-201502-268date:2015-02-12T00:00:00
db:NVDid:CVE-2015-0608date:2015-02-12T01:59:25.047