Lucene search
HistorySep 28, 2015 - 2:59 a.m.
CVE-2015-6278
cisco
ios
ios xe
ipv6
snooping
vulnerability
denial of service
cve-2015-6278
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6.6 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
72.2%
The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S does not properly implement the Control Plane Protection (aka CPPr) feature, which allows remote attackers to cause a denial of service (device reload) via a flood of ND packets, aka Bug ID CSCus19794.
Affected configurations
Node
ciscoiosMatch12.2\(50\)sy
ORciscoiosMatch12.2\(50\)sy1
ORciscoiosMatch12.2\(50\)sy2
ORciscoiosMatch12.2\(50\)sy3
ORciscoiosMatch12.2\(50\)sy4
ORciscoiosMatch15.0\(1\)ex
ORciscoiosMatch15.0\(1\)sy
ORciscoiosMatch15.0\(1\)sy1
ORciscoiosMatch15.0\(1\)sy2
ORciscoiosMatch15.0\(1\)sy3
ORciscoiosMatch15.0\(1\)sy4
ORciscoiosMatch15.0\(1\)sy5
ORciscoiosMatch15.0\(1\)sy6
ORciscoiosMatch15.0\(1\)sy7
ORciscoiosMatch15.0\(1\)sy7a
ORciscoiosMatch15.0\(1\)sy8
ORciscoiosMatch15.0\(2\)ea2
ORciscoiosMatch15.0\(2\)ej
ORciscoiosMatch15.0\(2\)ej1
ORciscoiosMatch15.0\(2\)ez
ORciscoiosMatch15.0\(2\)se
ORciscoiosMatch15.0\(2\)se1
ORciscoiosMatch15.0\(2\)se2
ORciscoiosMatch15.0\(2\)se3
ORciscoiosMatch15.0\(2\)se4
ORciscoiosMatch15.0\(2\)se5
ORciscoiosMatch15.0\(2\)se6
ORciscoiosMatch15.0\(2\)se7
ORciscoiosMatch15.0\(2\)se8
ORciscoiosMatch15.0\(2a\)ex5
ORciscoiosMatch15.1\(1\)sy
ORciscoiosMatch15.1\(1\)sy1
ORciscoiosMatch15.1\(1\)sy2
ORciscoiosMatch15.1\(1\)sy3
ORciscoiosMatch15.1\(1\)sy4
ORciscoiosMatch15.1\(1\)sy5
ORciscoiosMatch15.1\(2\)sg
ORciscoiosMatch15.1\(2\)sg1
ORciscoiosMatch15.1\(2\)sg2
ORciscoiosMatch15.1\(2\)sg3
ORciscoiosMatch15.1\(2\)sg4
ORciscoiosMatch15.1\(2\)sg5
ORciscoiosMatch15.1\(2\)sg6
ORciscoiosMatch15.1\(2\)sy
ORciscoiosMatch15.1\(2\)sy1
ORciscoiosMatch15.1\(2\)sy2
ORciscoiosMatch15.1\(2\)sy3
ORciscoiosMatch15.1\(2\)sy4
ORciscoiosMatch15.1\(2\)sy4a
ORciscoiosMatch15.1\(2\)sy5
ORciscoiosMatch15.2\(1\)e
ORciscoiosMatch15.2\(1\)e1
ORciscoiosMatch15.2\(1\)e2
ORciscoiosMatch15.2\(1\)e3
ORciscoiosMatch15.2\(1\)sy
ORciscoiosMatch15.2\(1\)sy0a
ORciscoiosMatch15.2\(2\)e
ORciscoiosMatch15.2\(2\)e1
ORciscoiosMatch15.2\(2\)e2
ORciscoiosMatch15.2\(2\)ea1
ORciscoiosMatch15.2\(2a\)e1
ORciscoiosMatch15.2\(3\)e
ORciscoiosMatch15.2\(3\)e1
ORciscoiosMatch15.2\(3a\)e
ORciscoiosMatch15.2\(4\)s
ORciscoiosMatch15.2\(4\)s1
ORciscoiosMatch15.2\(4\)s2
ORciscoiosMatch15.2\(4\)s3
ORciscoiosMatch15.2\(4\)s3a
ORciscoiosMatch15.2\(4\)s4
ORciscoiosMatch15.2\(4\)s4a
ORciscoiosMatch15.2\(4\)s5
ORciscoiosMatch15.2\(4\)s6
ORciscoiosMatch15.2\(4\)s7
ORciscoiosMatch15.3\(1\)s
ORciscoiosMatch15.3\(1\)s2
ORciscoiosMatch15.3\(2\)s
ORciscoiosMatch15.3\(2\)s0a
ORciscoiosMatch15.3\(2\)s1
ORciscoiosMatch15.3\(2\)s2
ORciscoiosMatch15.3\(3\)s
ORciscoiosMatch15.3\(3\)s1
ORciscoiosMatch15.3\(3\)s2
ORciscoiosMatch15.3\(3\)s3
ORciscoiosMatch15.3\(3\)s4
ORciscoiosMatch15.3\(3\)s5
ORciscoiosMatch15.4\(1\)s
ORciscoiosMatch15.4\(1\)s1
ORciscoiosMatch15.4\(1\)s2
ORciscoiosMatch15.4\(1\)s3
ORciscoiosMatch15.4\(2\)s
ORciscoiosMatch15.4\(2\)s1
ORciscoiosMatch15.4\(2\)s2
ORciscoiosMatch15.4\(2\)s3
ORciscoiosMatch15.4\(3\)s
ORciscoiosMatch15.4\(3\)s1
ORciscoiosMatch15.4\(3\)s2
ORciscoiosMatch15.5\(1\)s
ORciscoiosMatch15.5\(1\)s1
ORciscoios_xeMatch3.2se.0
ORciscoios_xeMatch3.2se.1
ORciscoios_xeMatch3.2se.2
ORciscoios_xeMatch3.2se.3
ORciscoios_xeMatch3.3se.0
ORciscoios_xeMatch3.3se.1
ORciscoios_xeMatch3.3se.2
ORciscoios_xeMatch3.3se.3
ORciscoios_xeMatch3.3se.4
ORciscoios_xeMatch3.3se.5
ORciscoios_xeMatch3.3xo.0
ORciscoios_xeMatch3.3xo.1
ORciscoios_xeMatch3.3xo.2
ORciscoios_xeMatch3.4sg.0
ORciscoios_xeMatch3.4sg.1
ORciscoios_xeMatch3.4sg.2
ORciscoios_xeMatch3.4sg.3
ORciscoios_xeMatch3.4sg.4
ORciscoios_xeMatch3.4sg.5
ORciscoios_xeMatch3.4sg.6
ORciscoios_xeMatch3.5e.0
ORciscoios_xeMatch3.5e.1
ORciscoios_xeMatch3.5e.2
ORciscoios_xeMatch3.5e.3
ORciscoios_xeMatch3.6e.0
ORciscoios_xeMatch3.6e.0a
ORciscoios_xeMatch3.6e.0b
ORciscoios_xeMatch3.6e.1
ORciscoios_xeMatch3.6e.2
ORciscoios_xeMatch3.6e.2a
ORciscoios_xeMatch3.7e.0
ORciscoios_xeMatch3.7e.1
ORciscoios_xeMatch3.9s.0
ORciscoios_xeMatch3.9s.1
ORciscoios_xeMatch3.9s.2
ORciscoios_xeMatch3.10s.0
ORciscoios_xeMatch3.10s.0a
ORciscoios_xeMatch3.10s.01
ORciscoios_xeMatch3.10s.1
ORciscoios_xeMatch3.10s.2
ORciscoios_xeMatch3.10s.3
ORciscoios_xeMatch3.10s.4
ORciscoios_xeMatch3.10s.5
ORciscoios_xeMatch3.11s.0
ORciscoios_xeMatch3.11s.1
ORciscoios_xeMatch3.11s.2
ORciscoios_xeMatch3.11s.3
ORciscoios_xeMatch3.12s.0
ORciscoios_xeMatch3.12s.1
ORciscoios_xeMatch3.12s.2
ORciscoios_xeMatch3.12s.3
ORciscoios_xeMatch3.13s.0
ORciscoios_xeMatch3.13s.1
ORciscoios_xeMatch3.13s.2
ORciscoios_xeMatch3.14s.0
ORciscoios_xeMatch3.14s.1
Related
nvd
nvd
CVE-2015-6278
2015-09-28 02:59:09
prion
prion
Design/Logic Flaw
2015-09-28 02:59:00
cvelist
cvelist
CVE-2015-6278
2015-09-28 01:00:00
nessus
nessus
Cisco IOS IPv6 Snooping DoS (cisco-sa-20150923-fhs)
2015-10-02 00:00:00
Cisco IOS XE IPv6 Snooping DoS (cisco-sa-20150923-fhs)
2015-10-02 00:00:00
openvas
openvas
cisco
cisco
securityvulns
securityvulns
Cisco IOS / Cisco IOS XE multiple security vulnerabilities
2015-10-12 00:00:00
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6.6 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
72.2%
Related for CVE-2015-6278