Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20151214-IOS
HistoryDec 14, 2015 - 10:38 p.m.

Cisco IOS XE Software IPv6 Neighbor Discovery Denial of Service Vulnerability

2015-12-1422:38:00
tools.cisco.com
10

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.004

Percentile

74.8%

JSON

A vulnerability in the IPv6 neighbor discovery (ND) handling of Cisco IOS XE Software on ASR platforms could allow an unauthenticated, adjacent attacker to cause an affected device to crash.

The vulnerability is due to insufficient bounds on internal tables. An attacker could exploit this vulnerability by flooding an adjacent IOS XE device with specific ND messages. An exploit could allow the attacker to deplete the available memory, possibly causing an affected device to crash.

Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151214-ios[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151214-ios”]

Affected configurations

Vulners
Node
ciscocisco_iosMatch3.14sxe
OR
ciscocisco_iosMatch3.15sxe
OR
ciscocisco_iosMatch3.16sxe
OR
ciscocisco_iosMatch3.14.0sxe
OR
ciscocisco_iosMatch3.14.1sxe
OR
ciscocisco_iosMatch3.14.2sxe
OR
ciscocisco_iosMatch3.14.3sxe
OR
ciscocisco_iosMatch3.14.4sxe
OR
ciscocisco_iosMatch3.15.0sxe
OR
ciscocisco_iosMatch3.15.1sxe
OR
ciscocisco_iosMatch3.16.0sxe
VendorProductVersionCPE
ciscocisco_ios3.14scpe:2.3:o:cisco:cisco_ios:3.14s:xe:*:*:*:*:*:*
ciscocisco_ios3.15scpe:2.3:o:cisco:cisco_ios:3.15s:xe:*:*:*:*:*:*
ciscocisco_ios3.16scpe:2.3:o:cisco:cisco_ios:3.16s:xe:*:*:*:*:*:*
ciscocisco_ios3.14.0scpe:2.3:o:cisco:cisco_ios:3.14.0s:xe:*:*:*:*:*:*
ciscocisco_ios3.14.1scpe:2.3:o:cisco:cisco_ios:3.14.1s:xe:*:*:*:*:*:*
ciscocisco_ios3.14.2scpe:2.3:o:cisco:cisco_ios:3.14.2s:xe:*:*:*:*:*:*
ciscocisco_ios3.14.3scpe:2.3:o:cisco:cisco_ios:3.14.3s:xe:*:*:*:*:*:*
ciscocisco_ios3.14.4scpe:2.3:o:cisco:cisco_ios:3.14.4s:xe:*:*:*:*:*:*
ciscocisco_ios3.15.0scpe:2.3:o:cisco:cisco_ios:3.15.0s:xe:*:*:*:*:*:*
ciscocisco_ios3.15.1scpe:2.3:o:cisco:cisco_ios:3.15.1s:xe:*:*:*:*:*:*
Rows per page:
1-10 of 111

Related

openvas 1
cvelist 1
prion 1
nessus 1
nvd 1
cve 1
openvas
openvas
Cisco IOS XE Software IPv6 Neighbor Discovery Denial of Service Vulnerability
2016-05-10 00:00:00
cvelist
cvelist
CVE-2015-6359
2015-12-15 02:00:00
prion
prion
Code injection
2015-12-15 05:59:00
nessus
nessus
Cisco IOS XE Software IPv6 Neighbor Discovery DoS (CSCup28217)
2015-12-18 00:00:00
nvd
nvd
CVE-2015-6359
2015-12-15 05:59:02
cve
cve
CVE-2015-6359
2015-12-15 05:59:02

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.004

Percentile

74.8%

JSON
Related for CISCO-SA-20151214-IOS
openvas1cvelist1prion1nessus1nvd1cve1