Lucene search

[email protected]CVE-2015-6334

HistoryOct 16, 2015 - 1:59 a.m.

CVE-2015-6334

2015-10-1601:59:00

CWE-20

[email protected]

web.nvd.nist.gov

cisco

asr 5000

asr 5500

denial of service

tacacs

vulnerability

cve-2015-6334

bug id cscuw01984

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

48.4%

JSON

Cisco ASR 5000 and 5500 devices with software 18.0.0.57828 and 19.0.M0.61045 allow remote attackers to cause a denial of service (vpnmgr process restart) via a crafted header in a TACACS packet, aka Bug ID CSCuw01984.

CPENameOperatorVersion
cisco:asr_5000_softwarecisco asr 5000 softwareeq18.0.0.57828
cisco:asr_5000_softwarecisco asr 5000 softwareeq19.0.m0.61045

CPE	Name	Operator	Version
cisco:asr_5000_software	cisco asr 5000 software	eq	18.0.0.57828
cisco:asr_5000_software	cisco asr 5000 software	eq	19.0.m0.61045

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151012-asr

www.securitytracker.com/id/1033792

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

48.4%

JSON

Related for CVE-2015-6334

cvelist1 cisco1 prion1