Overview
- Description
- The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS 15.3(3)S0.1 on ASR devices mishandles internal tables, which allows remote attackers to cause a denial of service (memory consumption or device crash) via a flood of crafted ND messages, aka Bug ID CSCup28217.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.1
- Impact score
- 6.9
- Exploitability score
- 6.5
- Vector string
- AV:A/AC:L/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)e:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2CE9B41B-B1B5-45A2-8DBE-775B1CE4F2C8"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)pi:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A74FEC07-39B4-439C-A105-9AE120753ECB"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)st:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABB660B0-45DD-418B-A80F-7C95B54FF1FD"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)st:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C83299B-5B06-4431-AB04-4152A27D7A09"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)s0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD5A2192-7DFE-493B-AF63-0305D3B82017"
}
],
"operator": "OR"
}
]
}
]