CVE-2015-0648

Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658.

Affected Software

Name	Vendor	Start Version	End Version
Ios	Cisco	12.2(33)ird1 (including)	12.2(33)ird1 (including)
Ios	Cisco	12.2(33)ire3 (including)	12.2(33)ire3 (including)
Ios	Cisco	12.2(33)sxi4b (including)	12.2(33)sxi4b (including)
Ios	Cisco	12.2(44)ex (including)	12.2(44)ex (including)
Ios	Cisco	12.2(44)ex1 (including)	12.2(44)ex1 (including)
Ios	Cisco	12.2(44)sq1 (including)	12.2(44)sq1 (including)
Ios	Cisco	12.2(46)se (including)	12.2(46)se (including)
Ios	Cisco	12.2(46)se1 (including)	12.2(46)se1 (including)
Ios	Cisco	12.2(46)se2 (including)	12.2(46)se2 (including)
Ios	Cisco	12.2(50)se (including)	12.2(50)se (including)
Ios	Cisco	12.2(50)se1 (including)	12.2(50)se1 (including)
Ios	Cisco	12.2(50)se2 (including)	12.2(50)se2 (including)
Ios	Cisco	12.2(50)se3 (including)	12.2(50)se3 (including)
Ios	Cisco	12.2(50)se4 (including)	12.2(50)se4 (including)
Ios	Cisco	12.2(50)se5 (including)	12.2(50)se5 (including)
Ios	Cisco	12.2(52)se (including)	12.2(52)se (including)
Ios	Cisco	12.2(52)se1 (including)	12.2(52)se1 (including)
Ios	Cisco	12.2(55)se (including)	12.2(55)se (including)
Ios	Cisco	12.2(55)se3 (including)	12.2(55)se3 (including)
Ios	Cisco	12.2(55)se4 (including)	12.2(55)se4 (including)
Ios	Cisco	12.2(55)se5 (including)	12.2(55)se5 (including)
Ios	Cisco	12.2(55)se6 (including)	12.2(55)se6 (including)
Ios	Cisco	12.2(55)se7 (including)	12.2(55)se7 (including)
Ios	Cisco	12.2(55)se8 (including)	12.2(55)se8 (including)
Ios	Cisco	12.2(55)se9 (including)	12.2(55)se9 (including)
Ios	Cisco	12.2(58)se2 (including)	12.2(58)se2 (including)
Ios	Cisco	12.4(25e)jam1 (including)	12.4(25e)jam1 (including)
Ios	Cisco	12.4(25e)jap1m (including)	12.4(25e)jap1m (including)
Ios	Cisco	12.4(25e)jaz1 (including)	12.4(25e)jaz1 (including)
Ios	Cisco	15.0(1)ey (including)	15.0(1)ey (including)
Ios	Cisco	15.0(1)ey1 (including)	15.0(1)ey1 (including)
Ios	Cisco	15.0(1)ey2 (including)	15.0(1)ey2 (including)
Ios	Cisco	15.0(2)eb (including)	15.0(2)eb (including)
Ios	Cisco	15.0(2)ed1 (including)	15.0(2)ed1 (including)
Ios	Cisco	15.0(2)ey (including)	15.0(2)ey (including)
Ios	Cisco	15.0(2)ey1 (including)	15.0(2)ey1 (including)
Ios	Cisco	15.0(2)ey2 (including)	15.0(2)ey2 (including)
Ios	Cisco	15.0(2)ey3 (including)	15.0(2)ey3 (including)
Ios	Cisco	15.0(2)se (including)	15.0(2)se (including)
Ios	Cisco	15.0(2)se1 (including)	15.0(2)se1 (including)
Ios	Cisco	15.0(2)se2 (including)	15.0(2)se2 (including)
Ios	Cisco	15.0(2)se3 (including)	15.0(2)se3 (including)
Ios	Cisco	15.0(2)se4 (including)	15.0(2)se4 (including)
Ios	Cisco	15.0(2)se5 (including)	15.0(2)se5 (including)
Ios	Cisco	15.0(2)se6 (including)	15.0(2)se6 (including)
Ios	Cisco	15.0(2)se7 (including)	15.0(2)se7 (including)
Ios	Cisco	15.2(1)ex (including)	15.2(1)ex (including)
Ios	Cisco	15.2(1)ey (including)	15.2(1)ey (including)
Ios	Cisco	15.2(2)e (including)	15.2(2)e (including)
Ios	Cisco	15.2(2)e1 (including)	15.2(2)e1 (including)
Ios	Cisco	15.2(2)jb1 (including)	15.2(2)jb1 (including)
Ios	Cisco	15.3(2)s2 (including)	15.3(2)s2 (including)
Ios	Cisco	15.3(3)ja (including)	15.3(3)ja (including)
Ios	Cisco	15.3(3)ja1 (including)	15.3(3)ja1 (including)
Ios	Cisco	15.3(3)ja1m (including)	15.3(3)ja1m (including)
Ios	Cisco	15.3(3)ja1n (including)	15.3(3)ja1n (including)
Ios	Cisco	15.3(3)jaa (including)	15.3(3)jaa (including)
Ios	Cisco	15.3(3)jab (including)	15.3(3)jab (including)
Ios	Cisco	15.3(3)jab1 (including)	15.3(3)jab1 (including)
Ios	Cisco	15.3(3)jn (including)	15.3(3)jn (including)
Ios	Cisco	15.3(3)jnb (including)	15.3(3)jnb (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-0648
CWE	https://cwe.mitre.org/data/definitions/399.html

Affected Software

References