ID
VAR-201503-0172
CVE
CVE-2015-0669
TITLE
Cisco IOS of Autonomic Networking Infrastructure Vulnerability in changing configuration settings
Trust: 0.8
DESCRIPTION
The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 15.4S and 15.4(3)S allows remote attackers to modify configuration settings or cause a denial of service (partial service outage) by sending crafted Autonomic Networking (AN) messages on an intranet network, aka Bug ID CSCup62167. Cisco IOS is an operating system developed by Cisco Systems for its network devices. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is tracked by Cisco Bug ID CSCup62167
Trust: 2.52
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4s | Trust: 2.4 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(3\)s | Trust: 1.6 |
| vendor: | cisco | model: | ios 15.4s | scope: | - | version: | - | Trust: 0.9 |
| vendor: | cisco | model: | ios 15.4 s | scope: | - | version: | - | Trust: 0.9 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4(3)s | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
input validation
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | 37935 | url: | http://tools.cisco.com/security/center/viewAlert.x?alertId=37935 | Trust: 0.8 |
| title: | Patch for Cisco IOS Autonomic Networking Infrastructure Denial of Service Vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/56591 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2015-0669 | Trust: 3.4 |
| db: | SECTRACK | id: | 1031967 | Trust: 1.1 |
| db: | BID | id: | 73245 | Trust: 1.0 |
| db: | JVNDB | id: | JVNDB-2015-001899 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201503-415 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2015-01924 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-78615 | Trust: 0.1 |
REFERENCES
| url: | http://tools.cisco.com/security/center/viewalert.x?alertid=37935 | Trust: 2.6 |
| url: | http://www.securitytracker.com/id/1031967 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0669 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0669 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
| url: | http://www.cisco.com/public/sw-center/sw-ios.shtml | Trust: 0.3 |
CREDITS
Cisco
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2015-01924 |
| db: | VULHUB | id: | VHN-78615 |
| db: | BID | id: | 73245 |
| db: | JVNDB | id: | JVNDB-2015-001899 |
| db: | CNNVD | id: | CNNVD-201503-415 |
| db: | NVD | id: | CVE-2015-0669 |
LAST UPDATE DATE
2025-04-13T23:36:28.575000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2015-01924 | date: | 2015-03-24T00:00:00 |
| db: | VULHUB | id: | VHN-78615 | date: | 2015-10-01T00:00:00 |
| db: | BID | id: | 73245 | date: | 2015-03-19T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-001899 | date: | 2015-03-24T00:00:00 |
| db: | CNNVD | id: | CNNVD-201503-415 | date: | 2015-03-27T00:00:00 |
| db: | NVD | id: | CVE-2015-0669 | date: | 2025-04-12T10:46:40.837 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2015-01924 | date: | 2015-03-24T00:00:00 |
| db: | VULHUB | id: | VHN-78615 | date: | 2015-03-21T00:00:00 |
| db: | BID | id: | 73245 | date: | 2015-03-19T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-001899 | date: | 2015-03-24T00:00:00 |
| db: | CNNVD | id: | CNNVD-201503-415 | date: | 2015-03-23T00:00:00 |
| db: | NVD | id: | CVE-2015-0669 | date: | 2015-03-21T01:59:00.090 |