Details of VAR-201509-0021

ID

VAR-201509-0021

CVE

CVE-2015-6301

TITLE

Cisco ASR 9000 Run on device Cisco IOS of DHCPv6 Service disruption at the server (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-004947

DESCRIPTION

The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun72171. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. This issue is being tracked by Cisco Bug ID CSCun72171

Trust: 2.52

sources: NVD: CVE-2015-6301 // JVNDB: JVNDB-2015-004947 // CNVD: CNVD-2015-06206 // BID: 76791 // VULHUB: VHN-84262

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2015-06206

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.0_base	Trust: 1.6
vendor:	cisco	model:	asr 9001	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asr 9912	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asr 9006	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asr 9904	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asr 9922	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asr 9010	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	asr 9000 series aggregation service router	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	5.2.0(ed) base	Trust: 0.8
vendor:	cisco	model:	ios xr base	scope:	eq	version:	5.2.0	Trust: 0.6
vendor:	cisco	model:	asr series aggregation services routers 5.2.0	scope:	eq	version:	9000	Trust: 0.3

sources: CNVD: CNVD-2015-06206 // BID: 76791 // JVNDB: JVNDB-2015-004947 // CNNVD: CNNVD-201509-384 // NVD: CVE-2015-6301

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-6301
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-6301
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2015-06206
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201509-384
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-84262
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-6301
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2015-06206
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-84262
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2015-06206 // VULHUB: VHN-84262 // JVNDB: JVNDB-2015-004947 // CNNVD: CNNVD-201509-384 // NVD: CVE-2015-6301

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-84262 // JVNDB: JVNDB-2015-004947 // NVD: CVE-2015-6301

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201509-384

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201509-384

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-004947

PATCH

title:	41101	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=41101	Trust: 0.8
title:	Patch for Cisco IOS DHCPv6 Server Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/64396	Trust: 0.6

sources: CNVD: CNVD-2015-06206 // JVNDB: JVNDB-2015-004947

EXTERNAL IDS

db:	NVD	id:	CVE-2015-6301	Trust: 3.4
db:	SECTRACK	id:	1033623	Trust: 1.1
db:	JVNDB	id:	JVNDB-2015-004947	Trust: 0.8
db:	CNNVD	id:	CNNVD-201509-384	Trust: 0.7
db:	NSFOCUS	id:	30948	Trust: 0.6
db:	CNVD	id:	CNVD-2015-06206	Trust: 0.6
db:	BID	id:	76791	Trust: 0.4
db:	VULHUB	id:	VHN-84262	Trust: 0.1

sources: CNVD: CNVD-2015-06206 // VULHUB: VHN-84262 // BID: 76791 // JVNDB: JVNDB-2015-004947 // CNNVD: CNNVD-201509-384 // NVD: CVE-2015-6301

REFERENCES

url:	http://tools.cisco.com/security/center/viewalert.x?alertid=41101	Trust: 2.0
url:	http://www.securitytracker.com/id/1033623	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6301	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6301	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/30948	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2015-06206 // VULHUB: VHN-84262 // BID: 76791 // JVNDB: JVNDB-2015-004947 // CNNVD: CNNVD-201509-384 // NVD: CVE-2015-6301

CREDITS

Cisco

Trust: 0.3

sources: BID: 76791

SOURCES

db:	CNVD	id:	CNVD-2015-06206
db:	VULHUB	id:	VHN-84262
db:	BID	id:	76791
db:	JVNDB	id:	JVNDB-2015-004947
db:	CNNVD	id:	CNNVD-201509-384
db:	NVD	id:	CVE-2015-6301

LAST UPDATE DATE

2024-11-23T22:34:56.884000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2015-06206	date:	2015-09-24T00:00:00
db:	VULHUB	id:	VHN-84262	date:	2016-12-29T00:00:00
db:	BID	id:	76791	date:	2015-09-18T00:00:00
db:	JVNDB	id:	JVNDB-2015-004947	date:	2015-09-30T00:00:00
db:	CNNVD	id:	CNNVD-201509-384	date:	2015-09-24T00:00:00
db:	NVD	id:	CVE-2015-6301	date:	2024-11-21T02:34:44.060

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2015-06206	date:	2015-09-24T00:00:00
db:	VULHUB	id:	VHN-84262	date:	2015-09-20T00:00:00
db:	BID	id:	76791	date:	2015-09-18T00:00:00
db:	JVNDB	id:	JVNDB-2015-004947	date:	2015-09-30T00:00:00
db:	CNNVD	id:	CNNVD-201509-384	date:	2015-09-21T00:00:00
db:	NVD	id:	CVE-2015-6301	date:	2015-09-20T14:59:06.960