{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-03-25T00:00:00", "descriptions": [{"lang": "en", "value": "The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-03-30T13:57:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20150325 Multiple Vulnerabilities in Cisco IOS Software and IOS XE Software Autonomic Networking Infrastructure", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani"}, {"name": "1031982", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1031982"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2015-0635", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20150325 Multiple Vulnerabilities in Cisco IOS Software and IOS XE Software Autonomic Networking Infrastructure", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani"}, {"name": "1031982", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031982"}]}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2015-0635", "datePublished": "2015-03-26T10:00:00", "dateReserved": "2015-01-07T00:00:00", "dateUpdated": "2015-03-30T13:57:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.0:*:*:*:*:*:*:*", "matchCriteriaId": "5C1C77A7-FCD5-4558-A351-081D6678DB21", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.1:*:*:*:*:*:*:*", "matchCriteriaId": "24C948D8-C540-4FF1-A9F7-BFB20E5541FE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.2:*:*:*:*:*:*:*", "matchCriteriaId": "7AF1294B-B4F6-40CC-A115-942B18CDA361", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.3:*:*:*:*:*:*:*", "matchCriteriaId": "B72E6572-FF41-4606-9DA5-FA486D591A58", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.4:*:*:*:*:*:*:*", "matchCriteriaId": "B74B72D9-AB41-4D98-BEF5-3CA37F68F645", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.10s.5:*:*:*:*:*:*:*", "matchCriteriaId": "6FC3A52D-50B6-44F0-A20B-09EE462EB0BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0A98DFE-18FF-455A-AFA6-49960CB98C85", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.1:*:*:*:*:*:*:*", "matchCriteriaId": "277C9543-A842-45AB-A2EF-DB2F8412D748", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.2:*:*:*:*:*:*:*", "matchCriteriaId": "6C942D30-8344-425E-804E-E1BB1F1F0D22", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.11s.3:*:*:*:*:*:*:*", "matchCriteriaId": "C7382973-7673-4D6E-8716-AFDE2EB04C94", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5E6FF1A-D90D-412A-8159-E766DC14FA57", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.1:*:*:*:*:*:*:*", "matchCriteriaId": "84E6DEE6-50EF-4333-B0B9-964A633734D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.12s.2:*:*:*:*:*:*:*", "matchCriteriaId": "D83A5AC0-C583-4B2E-8F08-989B3EF3F4EF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.13s.0:*:*:*:*:*:*:*", "matchCriteriaId": "28303ADA-1B8E-42F6-9CD1-A457D863727B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)ird1:*:*:*:*:*:*:*", "matchCriteriaId": "ACA00878-FA42-4234-B3CD-F2F07F7CE9EA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)ire3:*:*:*:*:*:*:*", "matchCriteriaId": "B785F54A-DD27-4422-8F25-0A6EB3E36EEA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sxi4b:*:*:*:*:*:*:*", "matchCriteriaId": "95470E1A-2FEC-41DA-8259-EE4F890A32B5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2\\(44\\)sq1:*:*:*:*:*:*:*", "matchCriteriaId": "742DA70E-6FF9-451D-9E62-F81EFB0BEB6C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jam1:*:*:*:*:*:*:*", "matchCriteriaId": "30FFBD57-E751-42C8-AE89-CD2073F45688", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jap1m:*:*:*:*:*:*:*", "matchCriteriaId": "D4D3B067-46F9-460B-A3EB-7FCA3DDA7E3E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4\\(25e\\)jaz1:*:*:*:*:*:*:*", "matchCriteriaId": "81CA75FF-8C2E-4D9C-BE57-34EF801C28D5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)ed1:*:*:*:*:*:*:*", "matchCriteriaId": "E5D3C419-D1FF-45E8-A5B1-AFFC59567478", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)ex:*:*:*:*:*:*:*", "matchCriteriaId": "9E92C269-3C17-4C9D-970F-E9C8EE709ADA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb1:*:*:*:*:*:*:*", "matchCriteriaId": "E15A69BF-50B6-42BE-9F44-7A7EBA28CC6D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(2\\)s2:*:*:*:*:*:*:*", "matchCriteriaId": "6B7E5969-E55B-4EBF-ADDE-8A969174E03D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1n:*:*:*:*:*:*:*", "matchCriteriaId": "49DAE7DA-E0D3-4434-AD75-C8894D939A83", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jab1:*:*:*:*:*:*:*", "matchCriteriaId": "CBEF7B94-3510-48FA-B783-1BF1C23C2C0C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn:*:*:*:*:*:*:*", "matchCriteriaId": "32E6CCE7-88BB-4F4F-9253-EC67B5076767", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb:*:*:*:*:*:*:*", "matchCriteriaId": "9BC3CD43-F30A-484B-9285-D925C1262212", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s:*:*:*:*:*:*:*", "matchCriteriaId": "AB84CE04-F2D0-4A37-B2BA-25126D1824D8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s1:*:*:*:*:*:*:*", "matchCriteriaId": "E32C83FA-EBE9-4A84-B34A-25BBA4D47E3F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s2:*:*:*:*:*:*:*", "matchCriteriaId": "63ACFACC-23B7-4EAC-BDC0-E3C403642D88", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s3:*:*:*:*:*:*:*", "matchCriteriaId": "0F3A95D5-157D-4335-87B4-8DA080A496FF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s4:*:*:*:*:*:*:*", "matchCriteriaId": "5E613BC4-AC20-4E43-8FB3-2EE9F0A2610D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s5:*:*:*:*:*:*:*", "matchCriteriaId": "8D54B325-22D5-4F21-BE28-BE28F6135FBF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s:*:*:*:*:*:*:*", "matchCriteriaId": "237D305E-016D-4E84-827C-44D04E3E0999", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s1:*:*:*:*:*:*:*", "matchCriteriaId": "E993A32E-D2AF-4519-B4C9-7F576649D20F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s2:*:*:*:*:*:*:*", "matchCriteriaId": "7260A66D-D477-440E-9A87-C05F9BD9E67C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)s3:*:*:*:*:*:*:*", "matchCriteriaId": "31059ED1-4D82-43D7-8EF7-042125289CF1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s:*:*:*:*:*:*:*", "matchCriteriaId": "4151B2B1-B17F-4F1D-A211-34C7DB84E442", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s1:*:*:*:*:*:*:*", "matchCriteriaId": "37B550C9-B2E4-44EE-8E0B-54D150C69A0F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)s2:*:*:*:*:*:*:*", "matchCriteriaId": "BEBBA614-74E7-43C7-8D33-ADF4BD79D477", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)s:*:*:*:*:*:*:*", "matchCriteriaId": "C63FF7C4-D9CE-4D6C-B36E-0C0DC06F453E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191."}, {"lang": "es", "value": "La implementaci\u00f3n Autonomic Networking Infrastructure (ANI) en Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, y 15.4 y IOS XE 3.10.xS hasta 3.13.xS anterior a 3.13.1S permite a atacantes remotos falsificar respuestas de la Autonomic Networking Registration Authority (ANRA), y como consecuencia evadir las restricciones de acceso a dispositivos y nodos o causar una denegaci\u00f3n de servicio (acceso a dominio interrumpido), a trav\u00e9s de mensajes AN falsificados, tambi\u00e9n conocido como Bug ID CSCup62191."}], "id": "CVE-2015-0635", "lastModified": "2015-10-01T17:13:36.103", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 8.5, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-03-26T10:59:00.067", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id/1031982"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}