CVE-2015-6279

EPSS 0.58%
Veröffentlicht 28.09.2015 02:59:11
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S allows remote attackers to cause a denial of service (device reload) via a malformed ND packet with the Cryptographically Generated Address (CGA) option, aka Bug ID CSCuo04400.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Ios Xe Version3.2se.0

Cisco ≫ Ios Xe Version3.2se.1

Cisco ≫ Ios Xe Version3.2se.2

Cisco ≫ Ios Xe Version3.2se.3

Cisco ≫ Ios Xe Version3.3se.0

Cisco ≫ Ios Xe Version3.3se.1

Cisco ≫ Ios Xe Version3.3se.2

Cisco ≫ Ios Xe Version3.3se.3

Cisco ≫ Ios Xe Version3.3se.4

Cisco ≫ Ios Xe Version3.3se.5

Cisco ≫ Ios Xe Version3.3xo.0

Cisco ≫ Ios Xe Version3.3xo.1

Cisco ≫ Ios Xe Version3.3xo.2

Cisco ≫ Ios Xe Version3.4sg.0

Cisco ≫ Ios Xe Version3.4sg.1

Cisco ≫ Ios Xe Version3.4sg.2

Cisco ≫ Ios Xe Version3.4sg.3

Cisco ≫ Ios Xe Version3.4sg.4

Cisco ≫ Ios Xe Version3.4sg.5

Cisco ≫ Ios Xe Version3.4sg.6

Cisco ≫ Ios Xe Version3.5e.0

Cisco ≫ Ios Xe Version3.5e.1

Cisco ≫ Ios Xe Version3.5e.2

Cisco ≫ Ios Xe Version3.5e.3

Cisco ≫ Ios Xe Version3.6e.0

Cisco ≫ Ios Xe Version3.6e.0a

Cisco ≫ Ios Xe Version3.6e.0b

Cisco ≫ Ios Xe Version3.6e.1

Cisco ≫ Ios Xe Version3.6e.2

Cisco ≫ Ios Xe Version3.6e.2a

Cisco ≫ Ios Xe Version3.7e.0

Cisco ≫ Ios Xe Version3.7e.1

Cisco ≫ Ios Xe Version3.7e.2

Cisco ≫ Ios Xe Version3.10s.0

Cisco ≫ Ios Xe Version3.10s.0a

Cisco ≫ Ios Xe Version3.10s.01

Cisco ≫ Ios Xe Version3.10s.1

Cisco ≫ Ios Xe Version3.10s.2

Cisco ≫ Ios Xe Version3.10s.3

Cisco ≫ Ios Xe Version3.10s.4

Cisco ≫ Ios Xe Version3.11s.0

Cisco ≫ Ios Xe Version3.11s.1

Cisco ≫ Ios Xe Version3.11s.2

Cisco ≫ Ios Xe Version3.11s.3

Cisco ≫ Ios Xe Version3.12s.0

Cisco ≫ Ios Xe Version3.12s.1

Cisco ≫ Ios Xe Version3.12s.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.58%	0.679

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs

Vendor Advisory

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs/cvrf/cisco-sa-20150923-fhs_cvrf.xml

Vendor Advisory

http://www.securitytracker.com/id/1033647

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2015-6279

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-6279

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-6279

EUVD