Detections
Analytics
Cisco IOS Autonomic Networking Infrastructure Multiple Vulnerabilities (cisco-sa-20150325-ani)
high Nessus Plugin ID 82584
Language:
Synopsis
The remote device is missing a vendor-supplied security patch.Description
According to its self-reported version, the Cisco IOS software running on the remote device is affected by the following vulnerabilities in the Autonomic Networking Infrastructure (ANI) :- A flaw exists in the ANI implementation due to failing to properly validate Autonomic Networking (AN) response messages. An unauthenticated, remote attacker, using crafted AN messages, can boot the device into an untrusted automatic domain, thus gaining limited control of the AN node and disrupting access to legitimate domains, resulting in a denial of service.
(CVE-2015-0635)
- A denial of service vulnerability exists in the ANI due to improperly handling AN messages that can reset the finite state machine. An unauthenticated, remote attacker, using a specially crafted AN message, can spoof an existing AN node, allowing disruption of access to the automatic domain. (CVE-2015-0636)
- A denial of service vulnerability exists in the ANI due to improperly validating received AN messages. An unauthenticated, remote attacker, using crafted AN messages spoofing the device, can cause the device to reload. (CVE-2015-0637)
Note that these issues only affect devices with ANI enabled.
Solution
Apply the relevant patch referenced in the Cisco Security Advisory.See Also
http://www.nessus.org/u?dabca9f4
https://tools.cisco.com/security/center/viewAlert.x?alertId=37811
https://tools.cisco.com/security/center/viewAlert.x?alertId=37812
https://tools.cisco.com/security/center/viewAlert.x?alertId=37813
Plugin Details
Severity: High
ID: 82584
File Name: cisco-sa-20150325-ani-ios.nasl
Version: 1.14
Type: combined
Family: CISCO
Published: 4/6/2015
Updated: 12/1/2020
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.8
CVSS v2
Risk Factor: High
Base Score: 9
Temporal Score: 6.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C
CVSS Score Source: CVE-2015-0637
Vulnerability Information
CPE: cpe:/o:cisco:ios
Required KB Items: Host/Cisco/IOS/Version
Exploit Ease: No known exploits are available
Patch Publication Date: 4/3/2015
Vulnerability Publication Date: 3/25/2015
Reference Information
CVE: CVE-2015-0635, CVE-2015-0636, CVE-2015-0637
CISCO-SA: cisco-sa-20150325-ani
CISCO-BUG-ID: CSCup62191, CSCup62293, CSCup62315