CVE-2015-0694
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806.
Los dispositivos Cisco ASR 9000 con software 5.3.0.BASE no reconocen que ciertas entradas ACL tienen una limitación de un anfitrión único, lo que permite a atacantes remotos evadir las restricciones de acceso de los recursos de la red mediante el uso de una dirección que se suponía que no se permitía, también conocido como Bug ID CSCur28806.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-01-07 CVE Reserved
- 2015-04-11 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-284: Improper Access Control
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securitytracker.com/id/1032059 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=38292 | 2015-09-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 5.3.0_base Search vendor "Cisco" for product "Ios Xr" and version "5.3.0_base" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9001 Search vendor "Cisco" for product "Asr 9001" | - | - |
Affected
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 5.3.0_base Search vendor "Cisco" for product "Ios Xr" and version "5.3.0_base" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9006 Search vendor "Cisco" for product "Asr 9006" | - | - |
Affected
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 5.3.0_base Search vendor "Cisco" for product "Ios Xr" and version "5.3.0_base" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9010 Search vendor "Cisco" for product "Asr 9010" | - | - |
Affected
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 5.3.0_base Search vendor "Cisco" for product "Ios Xr" and version "5.3.0_base" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9904 Search vendor "Cisco" for product "Asr 9904" | - | - |
Affected
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 5.3.0_base Search vendor "Cisco" for product "Ios Xr" and version "5.3.0_base" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9912 Search vendor "Cisco" for product "Asr 9912" | - | - |
Affected
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 5.3.0_base Search vendor "Cisco" for product "Ios Xr" and version "5.3.0_base" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9922 Search vendor "Cisco" for product "Asr 9922" | - | - |
Affected
|