Vulnerability Description
Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Reassembly (VFR) by certain firewall and NAT components, which allows remote attackers to cause a denial of service (Embedded Services Processor crash) via crafted IP packets, aka Bug IDs CSCtf87624, CSCte93229, CSCtd19103, and CSCti63623.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios Xe | 2.2.1 |
| Cisco | Asr 1001 | - |
| Cisco | Asr 1001-X | - |
| Cisco | Asr 1002 | - |
| Cisco | Asr 1002-X | - |
| Cisco | Asr 1004 | - |
| Cisco | Asr 1006 | - |
| Cisco | Asr 1013 | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=40690Vendor Advisory
- http://www.securitytracker.com/id/1033408
- http://tools.cisco.com/security/center/viewAlert.x?alertId=40690Vendor Advisory
- http://www.securitytracker.com/id/1033408
FAQ
What is CVE-2015-6273?
CVE-2015-6273 is a vulnerability with a CVSS score of 7.8 (HIGH). Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Reassembly (VFR) by certain firewall and NAT components, which allows remote attackers to cause a deni...
How severe is CVE-2015-6273?
CVE-2015-6273 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-6273?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios Xe, Cisco Asr 1001, Cisco Asr 1001-X, Cisco Asr 1002, Cisco Asr 1002-X.