Cisco IOS XE Autonomic Networking Infrastructure Multiple Vulnerabilities (cisco-sa-20150325-ani)

high Nessus Plugin ID 82585

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

According to its self-reported version, the version of Cisco IOS running on the remote host is affected by the following vulnerabilities :

- A flaw exists in the ANI due to failing to properly validate Autonomic Networking (AN) messages. This could allow a remote attacker to spoof an Autonomic Networking Registration Authority (ANRA) response and gain elevated privileges or cause a denial of service. (CVE-2015-0635)

- A flaw exists in the ANI due to imporperly handling AN messages. This could allow a remote attacker, with a specially crafted AN message, to disrupt autonomic domain services. (CVE-2015-0636)

- A flaw exists in the ANI due to improperly validating AN messages. This could allow a remote attacker, with a specially crafted An message, to cause the device to reload. (CVE-2015-0637)

Note that these issues only affect devices with ANI enabled.

Solution

Apply the relevant patch referenced in the Cisco Security Advisory.

See Also

http://www.nessus.org/u?dabca9f4

https://tools.cisco.com/security/center/viewAlert.x?alertId=37811

https://tools.cisco.com/security/center/viewAlert.x?alertId=37812

https://tools.cisco.com/security/center/viewAlert.x?alertId=37813

Plugin Details

Severity: High

ID: 82585

File Name: cisco-sa-20150325-ani-iosxe.nasl

Version: 1.13

Type: local

Family: CISCO

Published: 4/6/2015

Updated: 11/22/2019

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:C

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios_xe

Required KB Items: Host/Cisco/IOS-XE/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 4/3/2015

Vulnerability Publication Date: 3/25/2015

Reference Information

CVE: CVE-2015-0635, CVE-2015-0636, CVE-2015-0637

BID: 73339, 73341, 73343