← Back

CVE-2015-0695

nvd nist
Published: Apr 17, 2015Modified: May 6, 2026

JSON object

Loading...
7.8
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:C
Exploitability: 10.0 / Impact: 6.9
Source: NVD

Description

Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial of service (chip and card hangs and reloads) by triggering use of a BVI interface for IPv4 packets, aka Bug ID CSCur62957.

Affected (9)

Products: Cisco: Ios Xr
Cisco
1 product
Ios Xr
Configuration A
9 vulnerable · 6 platform
Vulnerable SoftwareAffected Versions
Cisco
Ios Xr
Version 4.3.0
Ios Xr
Version 4.3.1
Ios Xr
Version 4.3.2
Ios Xr
Version 4.3.3
Ios Xr
Version 5.1.0
Ios Xr
Version 5.1.1
Ios Xr
Version 5.1.2
Ios Xr
Version 5.2.0
Ios Xr
Version 5.2.1
Running on/withPlatform Versions
Cisco
Asr 9001
All versions
Cisco
Asr 9006
All versions
Cisco
Asr 9010
All versions
Cisco
Asr 9904
All versions
Cisco
Asr 9912
All versions
Cisco
Asr 9922
All versions

Related CWEs

CWE-19
CWE-19
CWE-399
CWE-399

References (6)

Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.