CVE-2015-0742 (CNNVD-201505-458)
中文标题:
Cisco Adaptive Security Appliances Software Protocol Independent Multicast 代码注入漏洞
英文标题:
The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Soft...
漏洞描述
中文描述:
Cisco Adaptive Security Appliances(ASA,自适应安全设备)Software是美国思科(Cisco)公司的一套运行于防火墙中的操作系统。Protocol Independent Multicast(PIM)application是其中的一个多播路由协议的集合。 Cisco ASA Software的PIM应用程序中存在安全漏洞,该漏洞源于程序没有正确执行multicast-forwarding注册功能。远程攻击者可借助特制的组播数据包利用该漏洞造成拒绝服务(转发中断)。以下版本受到影响:Cisco ASA Software 9.2(0.0)版本,9.2(0.104)版本,9.2(3.1)版本,9.2(3.4)版本,9.3(1.105)版本,9.3(2.100)版本,9.4(0.115)版本,100.13(0.21)版本,100.13(20.3)版本,100.13(21.9)版本,100.14(1.1)版本。
英文描述:
The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| cisco | adaptive_security_appliance_software | 9.2\(3.4\) | - | - |
cpe:2.3:a:cisco:adaptive_security_appliance_software:9.2\(3.4\):*:*:*:*:*:*:*
|
| cisco | adaptive_security_appliance_software | 9.4\(0.115\) | - | - |
cpe:2.3:a:cisco:adaptive_security_appliance_software:9.4\(0.115\):*:*:*:*:*:*:*
|
| cisco | adaptive_security_appliance_software | 100.13\(0.21\) | - | - |
cpe:2.3:a:cisco:adaptive_security_appliance_software:100.13\(0.21\):*:*:*:*:*:*:*
|
| cisco | adaptive_security_appliance_software | 100.13\(20.3\) | - | - |
cpe:2.3:a:cisco:adaptive_security_appliance_software:100.13\(20.3\):*:*:*:*:*:*:*
|
| cisco | adaptive_security_appliance_software | 100.13\(21.9\) | - | - |
cpe:2.3:a:cisco:adaptive_security_appliance_software:100.13\(21.9\):*:*:*:*:*:*:*
|
| cisco | adaptive_security_appliance_software | 9.2\(0.0\) | - | - |
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\(0.0\):*:*:*:*:*:*:*
|
| cisco | adaptive_security_appliance_software | 9.2\(0.104\) | - | - |
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\(0.104\):*:*:*:*:*:*:*
|
| cisco | adaptive_security_appliance_software | 9.2\(3.1\) | - | - |
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\(3.1\):*:*:*:*:*:*:*
|
| cisco | adaptive_security_appliance_software | 9.3\(1.105\) | - | - |
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\(1.105\):*:*:*:*:*:*:*
|
| cisco | adaptive_security_appliance_software | 9.3\(2.100\) | - | - |
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\(2.100\):*:*:*:*:*:*:*
|
| cisco | adaptive_security_appliance_software | 100.14\(1.1\) | - | - |
cpe:2.3:o:cisco:adaptive_security_appliance_software:100.14\(1.1\):*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
CVSS评分详情
AV:N/AC:L/Au:N/C:N/I:N/A:P
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2015-0742 |
2025-11-11 15:18:53 | 2025-11-11 07:33:58 |
| NVD | nvd_CVE-2015-0742 |
2025-11-11 14:54:50 | 2025-11-11 07:42:41 |
| CNNVD | cnnvd_CNNVD-201505-458 |
2025-11-11 15:09:34 | 2025-11-11 07:52:00 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 资源管理错误
- cnnvd_id: 未提取 -> CNNVD-201505-458
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- cvss_score: 未提取 -> 5.0
- cvss_vector: NOT_EXTRACTED -> AV:N/AC:L/Au:N/C:N/I:N/A:P
- cvss_version: NOT_EXTRACTED -> 2.0
- affected_products_count: 0 -> 11
- data_sources: ['cve'] -> ['cve', 'nvd']