Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2015-0742

The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398.

Published

2015-05-21T10:59:02.067

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-399
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application cisco adaptive_security_appliance_software 9.2\(3.4\) Yes
Application cisco adaptive_security_appliance_software 9.4\(0.115\) Yes
Application cisco adaptive_security_appliance_software 100.13\(0.21\) Yes
Application cisco adaptive_security_appliance_software 100.13\(20.3\) Yes
Application cisco adaptive_security_appliance_software 100.13\(21.9\) Yes
Operating System cisco adaptive_security_appliance_software 9.2\(0.0\) Yes
Operating System cisco adaptive_security_appliance_software 9.2\(0.104\) Yes
Operating System cisco adaptive_security_appliance_software 9.2\(3.1\) Yes
Operating System cisco adaptive_security_appliance_software 9.3\(1.105\) Yes
Operating System cisco adaptive_security_appliance_software 9.3\(2.100\) Yes
Operating System cisco adaptive_security_appliance_software 100.14\(1.1\) Yes
References