Lucene search

CiscoCISCO-SA-20151008-CPI

HistoryOct 08, 2015 - 9:30 p.m.

Cisco Prime Renegotiation Request Denial of Service Vulnerability

2015-10-0821:30:00

tools.cisco.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

48.1%

JSON

A vulnerability in Cisco Prime could allow a remote, unauthenticated attacker to cause a denial of service (DoS) condition.

The vulnerability is due to improper handling of SSL renegotiation requests. An unauthenticated, remote attacker could exploit this vulnerability by sending multiple SSL requests to a targeted system. A successful exploit could cause the system to become unresponsive, resulting in a DoS condition.

Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-cpi[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-cpi”]

CPENameOperatorVersion
cisco prime infrastructureeqany
cisco prime infrastructureeqany

CPE	Name	Operator	Version
	cisco prime infrastructure	eq	any
	cisco prime infrastructure	eq	any

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-cpi

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

48.1%

JSON

Related for CISCO-SA-20151008-CPI