CVE-2015-0640
Cisco IOS XE 2.x-3.x - Denial of Service via Large IP Packet Fragmentation
Title source: llmDescription
The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1031981
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe
Scores
EPSS
0.0191
EPSS Percentile
77.4%
Details
CWE
CWE-20
Status
published
Products (48)
cisco/ios_xe
3.1s.0
cisco/ios_xe
3.1s.1
cisco/ios_xe
3.1s.2
cisco/ios_xe
3.1s.3
cisco/ios_xe
3.1s.4
cisco/ios_xe
3.1s.5
cisco/ios_xe
3.1s.6
cisco/ios_xe
3.2s.0
cisco/ios_xe
3.2s.1
cisco/ios_xe
3.2s.2
... and 38 more
Published
Mar 26, 2015
Tracked Since
Feb 18, 2026