CVE-2015-0610
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T and earlier allows remote attackers to bypass intended access restrictions via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCun21071.
Condición de carrera en la característica object-group ACL en Cisco IOS 15.5(2)T y anteriores permite a atacantes remotos evadir las restricciones de acceso a través de trafico manipulado de la red que provoca el manejo incorrecto de los tiempos de la conmutación de procesos y de la conmutación de Cisco Express Forwarding (CEF), también conocido como Bug ID CSCun21071.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-01-07 CVE Reserved
- 2015-02-12 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/72565 | Vdb Entry | |
| http://www.securitytracker.com/id/1031732 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/100807 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0610 | 2017-09-08 | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=37423 | 2017-09-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | <= 15.5\(2\)t Search vendor "Cisco" for product "Ios" and version " <= 15.5\(2\)t" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.5\(1\)t Search vendor "Cisco" for product "Ios" and version "15.5\(1\)t" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.5\(1\)t1 Search vendor "Cisco" for product "Ios" and version "15.5\(1\)t1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 15.5t Search vendor "Cisco" for product "Ios" and version "15.5t" | - |
Affected
| ||||||