CVE-2015-6272 | Vulnerability Database | Aqua Security

Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted H.323 packet, aka Bug ID CSCsx35393, CSCsx07094, and CSCsw93064.

Affected Software

Name	Vendor	Start Version	End Version
Ios_xe	Cisco	2.1.0 (including)	2.1.0 (including)
Ios_xe	Cisco	2.1.1 (including)	2.1.1 (including)
Ios_xe	Cisco	2.1.2 (including)	2.1.2 (including)
Ios_xe	Cisco	2.1.3 (including)	2.1.3 (including)
Ios_xe	Cisco	2.2.1 (including)	2.2.1 (including)
Ios_xe	Cisco	2.2.2 (including)	2.2.2 (including)
Ios_xe	Cisco	2.2.3 (including)	2.2.3 (including)
Ios_xe	Cisco	2.3.0 (including)	2.3.0 (including)

References

http://tools.cisco.com/security/center/viewAlert.x?alertId=40689
http://www.securitytracker.com/id/1033410
http://tools.cisco.com/security/center/viewAlert.x?alertId=40689
http://www.securitytracker.com/id/1033410

NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-6272
CWE	https://cwe.mitre.org/data/definitions/399.html