Vulnerability-Lookup

CVE-2015-6429 (GCVE-0-2015-6429)

Vulnerability from cvelistv5 – Published: 2015-12-19 11:00 – Updated: 2024-08-06 07:22

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

GSD-2015-6429

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2015-6429

Aliases

CVE-2015-6429

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-6429",
    "description": "The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236.",
    "id": "GSD-2015-6429"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-6429"
      ],
      "details": "The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236.",
      "id": "GSD-2015-6429",
      "modified": "2023-12-13T01:20:04.213705Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2015-6429",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20151218 Cisco IOS and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios"
          },
          {
            "name": "1034505",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1034505"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(2\\)s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(0.17\\)t:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.4\\(3\\)s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(1\\)s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t0a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.16s.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15s.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.17s.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.17s.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.16s.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15s.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15s.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-6429"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-19"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20151218 Cisco IOS and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios"
            },
            {
              "name": "1034505",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1034505"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2016-12-07T18:20Z",
      "publishedDate": "2015-12-19T14:59Z"
    }
  }
}

CERTFR-2015-AVI-557

Vulnerability from certfr_avis - Published: 2015-12-21 - Updated: 2015-12-21

De multiples vulnérabilités ont été corrigées dans Cisco IOS et IOS XE. Elles permettent à un attaquant de provoquer un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	IOS XE	Cisco IOS etCisco IOS XE versions antérieures à 15.6(1)S (3.17.1S)
Cisco	IOS XE	Cisco IOS etCisco IOS XE versions antérieures à 15.5(2)S2 (3.15.2S)
Cisco	IOS XE	Cisco IOS etCisco IOS XE versions antérieures à 15.5(2)T2
Cisco	IOS XE	Cisco IOS etCisco IOS XE versions antérieures à 15.5(3)S1 (3.16.1S)
Cisco	IOS XE	Cisco IOS etCisco IOS XE versions antérieures à 15.6(1)T
Cisco	IOS XE	Cisco IOS etCisco IOS XE versions antérieures à 15.5(3)M1

References

Title

Publication Time

FKIE_CVE-2015-6429

Vulnerability from fkie_nvd - Published: 2015-12-19 14:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios	Vendor Advisory
psirt@cisco.com	http://www.securitytracker.com/id/1034505
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034505

Impacted products

Vendor	Product	Version
cisco	ios	15.4\(3\)s
cisco	ios	15.5\(1\)s
cisco	ios	15.5\(1\)t
cisco	ios	15.5\(2\)s
cisco	ios	15.5\(2\)t
cisco	ios	15.5\(3\)m
cisco	ios	15.5\(3\)m1
cisco	ios	15.5\(3\)s
cisco	ios	15.5\(3\)s1
cisco	ios	15.6\(0.17\)t
cisco	ios	15.6\(1\)t0a
cisco	ios_xe	3.15s.0
cisco	ios_xe	3.15s.1
cisco	ios_xe	3.15s.2
cisco	ios_xe	3.16s.0
cisco	ios_xe	3.16s.1
cisco	ios_xe	3.17s.0
cisco	ios_xe	3.17s.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)s:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63FF7C4-D9CE-4D6C-B36E-0C0DC06F453E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)s:*:*:*:*:*:*:*",
              "matchCriteriaId": "9613EE90-A90A-4817-A5A1-F78A9F3BA571",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t:*:*:*:*:*:*:*",
              "matchCriteriaId": "59F21FEC-A536-45CB-9AE5-61CE45EAD1B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)s:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A259566-AA04-4DE8-900D-865384E56C8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A4E00DF-60FD-48F2-A69A-D709A5657F6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "716EC9AA-0569-4FA7-A244-1A14FA15C5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "097D1950-6159-45A2-8653-D3F90044D0C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s:*:*:*:*:*:*:*",
              "matchCriteriaId": "1194A7BD-CB51-42CD-96E6-9ACF126DD8CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F40A87C1-5EDB-4B50-84CF-729F5037E870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(0.17\\)t:*:*:*:*:*:*:*",
              "matchCriteriaId": "96BDDBD0-684C-4E90-ACF9-F45D4B85835F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "679DCA8C-F64B-4716-BCC9-9C461A89CB29",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15s.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D9E5471-04AF-47A5-ACC7-335516356BDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15s.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB8A0099-DE49-4AB6-A408-EE5D62642D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15s.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE69B061-8523-487E-B749-28D56458A621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16s.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "25257039-7860-4424-8C92-267FC444DA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16s.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0D78F52-7B40-4A9B-AC8E-150AFCAA7AF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.17s.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "203E013A-85E3-4D5B-A863-86297134BA04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.17s.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BB0A028-FA64-4899-AEC7-D6C5040E7C0E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236."
    },
    {
      "lang": "es",
      "value": "La m\u00e1quina de estado IKEv1 en Cisco IOS 15.4 hasta la versi\u00f3n 15.6 y IOS XE 3.15 hasta la versi\u00f3n 3.17 permite a atacantes remotos causar una denegaci\u00f3n de servicio (terminaci\u00f3n de conexi\u00f3n IPsec) a trav\u00e9s de un paquete IKEv1 manipulado en un dispositivo final del tunel, tambi\u00e9n conocida como Bug ID CSCuw08236."
    }
  ],
  "id": "CVE-2015-6429",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-12-19T14:59:00.123",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1034505"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034505"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-19"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2015-08445

Vulnerability from cnvd - Published: 2015-12-23

Title

Cisco IOS及IOS XE Software IKEv1状态机拒绝服务漏洞

Description

Cisco IOS是多数思科系统路由器和网络交换机上使用的互联网络操作系统。 Cisco IOS及Cisco IOS XE Software的IKEv1状态机中存在安全漏洞。未经身份验证的远程攻击者发送欺骗性的IKEv1数据包到IPsec隧道的端点，利用此漏洞关闭IPsec隧道，造成拒绝服务。

Severity

中

Patch Name

Cisco IOS及IOS XE Software IKEv1状态机拒绝服务漏洞的补丁

Patch Description

Cisco IOS是多数思科系统路由器和网络交换机上使用的互联网络操作系统。 Cisco IOS及Cisco IOS XE Software的IKEv1状态机中存在安全漏洞。未经身份验证的远程攻击者发送欺骗性的IKEv1数据包到IPsec隧道的端点，利用此漏洞关闭IPsec隧道，造成拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

Cisco已经为此发布了一个安全公告（cisco-sa-20151218-ios）以及相应补丁: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios

Impacted products

Name
['Cisco IOS 15.4 - 15.6', 'Cisco IOS XE 3.15 - 3.17']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-6429"
    }
  },
  "description": "Cisco IOS\u662f\u591a\u6570\u601d\u79d1\u7cfb\u7edf\u8def\u7531\u5668\u548c\u7f51\u7edc\u4ea4\u6362\u673a\u4e0a\u4f7f\u7528\u7684\u4e92\u8054\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco IOS\u53caCisco IOS XE Software\u7684IKEv1\u72b6\u6001\u673a\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u53d1\u9001\u6b3a\u9a97\u6027\u7684IKEv1\u6570\u636e\u5305\u5230IPsec\u96a7\u9053\u7684\u7aef\u70b9\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u5173\u95edIPsec\u96a7\u9053\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Cisco",
  "formalWay": "Cisco\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08cisco-sa-20151218-ios\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-08445",
  "openTime": "2015-12-23",
  "patchDescription": "Cisco IOS\u662f\u591a\u6570\u601d\u79d1\u7cfb\u7edf\u8def\u7531\u5668\u548c\u7f51\u7edc\u4ea4\u6362\u673a\u4e0a\u4f7f\u7528\u7684\u4e92\u8054\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco IOS\u53caCisco IOS XE Software\u7684IKEv1\u72b6\u6001\u673a\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u53d1\u9001\u6b3a\u9a97\u6027\u7684IKEv1\u6570\u636e\u5305\u5230IPsec\u96a7\u9053\u7684\u7aef\u70b9\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u5173\u95edIPsec\u96a7\u9053\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco IOS\u53caIOS XE Software IKEv1\u72b6\u6001\u673a\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco IOS 15.4 - 15.6",
      "Cisco IOS XE 3.15 - 3.17"
    ]
  },
  "referenceLink": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios",
  "serverity": "\u4e2d",
  "submitTime": "2015-12-21",
  "title": "Cisco IOS\u53caIOS XE Software IKEv1\u72b6\u6001\u673a\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

VAR-201512-0402

Vulnerability from variot - Updated: 2025-04-13 23:39

The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236. Vendors have confirmed this vulnerability Bug ID CSCuw08236 It is released as. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. http://cwe.mitre.org/data/definitions/19.htmlExpertly crafted tunnel endpoint by third party IKEv1 Service disruption via packets (IPsec Disconnection ) There is a possibility of being put into a state. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Successful exploits may allow attackers to cause the device to crash, denying service to legitimate users

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201512-0402",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "15.5\\(2\\)s"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "15.5\\(1\\)t"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "15.5\\(3\\)m"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "15.6\\(0.17\\)t"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.15s.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "15.6\\(1\\)t0a"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "15.5\\(1\\)s"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "15.5\\(3\\)s1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "15.4\\(3\\)s"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.17s.1"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.16s.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "15.5\\(3\\)s"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.17s.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "15.5\\(3\\)m1"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.16s.1"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.15s.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "15.5\\(2\\)t"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.15s.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "15.4 to  15.6"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.15 to  3.17"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "15.4-15.6"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "3.15-3.17"
      },
      {
        "model": "ios 15.5 s",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.5 t",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios xe software 3.17.0s",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios xe software 3.16.0s",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios xe software 3.15s.0",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.6 t0a",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.6 t",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.5t",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.5sn",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.5s",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.5 m",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.5 t1",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.5 sn",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.5 s1",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios xe software 3.17.1s",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios xe software 3.16.1s",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios xe software 3.15.2s",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.6 t",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.6 s",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.5 s1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.5 m1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.5 t2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 15.5 s2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08445"
      },
      {
        "db": "BID",
        "id": "79745"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006485"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-539"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6429"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:cisco:ios",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:cisco:ios_xe",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006485"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "79745"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-6429",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2015-6429",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2015-08445",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-84390",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2015-6429",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2015-6429",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-08445",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201512-539",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-84390",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08445"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84390"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006485"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-539"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6429"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236. Vendors have confirmed this vulnerability Bug ID CSCuw08236 It is released as. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. http://cwe.mitre.org/data/definitions/19.htmlExpertly crafted tunnel endpoint by third party IKEv1 Service disruption via packets (IPsec Disconnection ) There is a possibility of being put into a state. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. \nSuccessful exploits may allow attackers to cause the device to crash, denying service to legitimate users",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-6429"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006485"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-08445"
      },
      {
        "db": "BID",
        "id": "79745"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84390"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-6429",
        "trust": 3.4
      },
      {
        "db": "SECTRACK",
        "id": "1034505",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006485",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-539",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-08445",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "79745",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-84390",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08445"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84390"
      },
      {
        "db": "BID",
        "id": "79745"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006485"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-539"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6429"
      }
    ]
  },
  "id": "VAR-201512-0402",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08445"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84390"
      }
    ],
    "trust": 1.3709070799999998
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08445"
      }
    ]
  },
  "last_update_date": "2025-04-13T23:39:36.955000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20151218-ios",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios"
      },
      {
        "title": "Patch for Cisco IOS and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/68885"
      },
      {
        "title": "Cisco IOS  and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability Fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59308"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08445"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006485"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-539"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-19",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84390"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006485"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6429"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151218-ios"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1034505"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6429"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6429"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08445"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84390"
      },
      {
        "db": "BID",
        "id": "79745"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006485"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-539"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6429"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08445"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84390"
      },
      {
        "db": "BID",
        "id": "79745"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006485"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-539"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6429"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-12-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-08445"
      },
      {
        "date": "2015-12-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-84390"
      },
      {
        "date": "2015-12-18T00:00:00",
        "db": "BID",
        "id": "79745"
      },
      {
        "date": "2015-12-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-006485"
      },
      {
        "date": "2015-12-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201512-539"
      },
      {
        "date": "2015-12-19T14:59:00.123000",
        "db": "NVD",
        "id": "CVE-2015-6429"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-12-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-08445"
      },
      {
        "date": "2016-12-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-84390"
      },
      {
        "date": "2015-12-18T00:00:00",
        "db": "BID",
        "id": "79745"
      },
      {
        "date": "2015-12-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-006485"
      },
      {
        "date": "2015-12-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201512-539"
      },
      {
        "date": "2025-04-12T10:46:40.837000",
        "db": "NVD",
        "id": "CVE-2015-6429"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-539"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08445"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-539"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-539"
      }
    ],
    "trust": 0.6
  }
}

GHSA-RV2Q-3W65-6H82

Vulnerability from github – Published: 2022-05-17 03:26 – Updated: 2022-05-17 03:26

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-6429"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-12-19T14:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236.",
  "id": "GHSA-rv2q-3w65-6h82",
  "modified": "2022-05-17T03:26:32Z",
  "published": "2022-05-17T03:26:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6429"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034505"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-6429 (GCVE-0-2015-6429)

GSD-2015-6429

CERTFR-2015-AVI-557

Solution

FKIE_CVE-2015-6429

CNVD-2015-08445

VAR-201512-0402

GHSA-RV2Q-3W65-6H82

Tags

Sightings

Nomenclature