Cisco IOS Autonomic Networking Infrastructure Multiple Vulnerabilities (cisco-sa-20150325-ani)

high Nessus Plugin ID 82584

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

According to its self-reported version, the Cisco IOS software running on the remote device is affected by the following vulnerabilities in the Autonomic Networking Infrastructure (ANI):

- A flaw exists in the ANI implementation due to failing to properly validate Autonomic Networking (AN) response messages. An unauthenticated, remote attacker, using crafted AN messages, can boot the device into an untrusted automatic domain, thus gaining limited control of the AN node and disrupting access to legitimate domains, resulting in a denial of service. (CVE-2015-0635)

- A denial of service vulnerability exists in the ANI due to improperly handling AN messages that can reset the finite state machine. An unauthenticated, remote attacker, using a specially crafted AN message, can spoof an existing AN node, allowing disruption of access to the automatic domain. (CVE-2015-0636)

- A denial of service vulnerability exists in the ANI due to improperly validating received AN messages. An unauthenticated, remote attacker, using crafted AN messages spoofing the device, can cause the device to reload. (CVE-2015-0637)

Note that these issues only affect devices with ANI enabled.

Solution

Apply the relevant patch referenced in the Cisco Security Advisory.

See Also

http://www.nessus.org/u?dabca9f4

https://tools.cisco.com/security/center/viewAlert.x?alertId=37811

https://tools.cisco.com/security/center/viewAlert.x?alertId=37812

https://tools.cisco.com/security/center/viewAlert.x?alertId=37813

Plugin Details

Severity: High

ID: 82584

File Name: cisco-sa-20150325-ani-ios.nasl

Version: 1.14

Type: combined

Family: CISCO

Published: 4/6/2015

Updated: 12/1/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C

CVSS Score Source: CVE-2015-0637

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 4/3/2015

Vulnerability Publication Date: 3/25/2015

Reference Information

CVE: CVE-2015-0635, CVE-2015-0636, CVE-2015-0637

BID: 73339, 73341, 73343