Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted H.323 packet, aka Bug ID CSCsx35393, CSCsx07094, and CSCsw93064.
2015-08-31T20:59:06.280
2025-04-12T10:46:40.837
Deferred
CVSSv2: 7.8 (HIGH)
AV:N/AC:L/Au:N/C:N/I:N/A:C
10.0
6.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | cisco | ios_xe | 2.1.0 | Yes |
Operating System | cisco | ios_xe | 2.1.1 | Yes |
Operating System | cisco | ios_xe | 2.1.2 | Yes |
Operating System | cisco | ios_xe | 2.1.3 | Yes |
Operating System | cisco | ios_xe | 2.2.1 | Yes |
Operating System | cisco | ios_xe | 2.2.2 | Yes |
Operating System | cisco | ios_xe | 2.2.3 | Yes |
Operating System | cisco | ios_xe | 2.3.0 | Yes |
Hardware | cisco | asr_1001 | - | No |
Hardware | cisco | asr_1001-x | - | No |
Hardware | cisco | asr_1002 | - | No |
Hardware | cisco | asr_1002-x | - | No |
Hardware | cisco | asr_1004 | - | No |
Hardware | cisco | asr_1006 | - | No |
Hardware | cisco | asr_1013 | - | No |