Detections
Analytics
Cisco IOS Software TCP CIP DoS
high Nessus Plugin ID 82571
Language:
Synopsis
The remote device is missing a vendor-supplied security patch.Description
According to its self-reported version, the Cisco IOS software running on the remote device is affected by multiple flaws in the Common Industrial Protocol (CIP) implementation that allow a remote, unauthenticated attacker to cause a denial of service (DoS) condition, as follows:- A denial of service (device reload) may be triggered via malformed CIP UDP packets. (CVE-2015-0647)
- A denial of service (memory consumption) may be triggered via crafted CIP TCP packets. (CVE-2015-0648)
- A denial of service (device reload) may be triggered via malformed CIP TCP packets. (CVE-2015-0640)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Apply the relevant patch referenced in the vendor advisory.See Also
http://www.nessus.org/u?8dadcf82
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCum98371
Plugin Details
Severity: High
ID: 82571
File Name: cisco-sa-20150325-cip-ios.nasl
Version: 1.19
Type: combined
Family: CISCO
Published: 4/3/2015
Updated: 11/22/2019
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: High
Base Score: 7.8
Temporal Score: 5.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS Score Source: CVE-2015-0649
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:cisco:ios
Required KB Items: Host/Cisco/IOS/Version
Exploit Ease: No known exploits are available
Patch Publication Date: 4/2/2015
Vulnerability Publication Date: 3/25/2015
Reference Information
CVE: CVE-2015-0647, CVE-2015-0648, CVE-2015-0649
BID: 73334
CISCO-SA: cisco-sa-20150325-cip
CISCO-BUG-ID: CSCum98371, CSCun49658, CSCun63514