| |
Vulnerability CVE-2015-0643
Published: 2015-03-26
Description: |
Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (memory consumption and device reload) by sending malformed IKEv2 packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuo75572. |
CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.8/10 |
6.9/10 |
10/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
None |
None |
Complete |
References: |
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ikev2
http://tools.cisco.com/security/center/viewAlert.x?alertId=37815
http://www.securityfocus.com/bid/73333
http://www.securitytracker.com/id/1031978
|
|
|
Copyright 2024, cxsecurity.com
|
|
|