CVE Vulnerabilities

CVE-2015-0695

Published: Apr 17, 2015 | Modified: Jan 06, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial of service (chip and card hangs and reloads) by triggering use of a BVI interface for IPv4 packets, aka Bug ID CSCur62957.

Affected Software

Name Vendor Start Version End Version
Ios_xr Cisco 4.3.0 4.3.0
Ios_xr Cisco 4.3.1 4.3.1
Ios_xr Cisco 4.3.2 4.3.2
Ios_xr Cisco 4.3.3 4.3.3
Ios_xr Cisco 5.1.0 5.1.0
Ios_xr Cisco 5.1.1 5.1.1
Ios_xr Cisco 5.1.2 5.1.2
Ios_xr Cisco 5.2.0 5.2.0
Ios_xr Cisco 5.2.1 5.2.1

References