CVE-2015-0644

Cisco IOS XE 3.8-3.15 RCE or DoS via Crafted TCP Packet

Title source: llm
STIX 2.1

Description

AppNav in Cisco IOS XE 3.8 through 3.10 before 3.10.3S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via a crafted TCP packet, aka Bug ID CSCuo53622.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1031981

Scores

EPSS 0.0338
EPSS Percentile 87.4%

Details

CWE
CWE-20
Status published
Products (15)
cisco/ios_xe 3.8s.0
cisco/ios_xe 3.8s.1
cisco/ios_xe 3.8s.2
cisco/ios_xe 3.8s_base
cisco/ios_xe 3.9s.0
cisco/ios_xe 3.9s.1
cisco/ios_xe 3.9s.2
cisco/ios_xe 3.10s.0
cisco/ios_xe 3.10s.0a
cisco/ios_xe 3.10s.1
... and 5 more
Published Mar 26, 2015
Tracked Since Feb 18, 2026