CVE-2015-6334

Published Oct 16, 2015

Last updated 8 years ago

Overview

Description: Cisco ASR 5000 and 5500 devices with software 18.0.0.57828 and 19.0.M0.61045 allow remote attackers to cause a denial of service (vpnmgr process restart) via a crafted header in a TACACS packet, aka Bug ID CSCuw01984.
Source: ykramarz@cisco.com
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:asr_5000_software:18.0.0.57828:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE69A4E1-0E64-4C80-83B9-2595AD786628"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asr_5000_software:19.0.m0.61045:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E331E868-4E6C-4AD8-9ECE-346C6901816A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References