Details of VAR-201510-0033

ID

VAR-201510-0033

CVE

CVE-2015-6324

TITLE

Cisco Adaptive Security Appliance Software DHCPv6 Service disruption in relay implementation (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-005599

DESCRIPTION

The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) software 9.0 before 9.0(4.37), 9.1 before 9.1(6.6), 9.2 before 9.2(4), 9.3 before 9.3(3.5), and 9.4 before 9.4(2) allows remote attackers to cause a denial of service (device reload) via crafted DHCPv6 packets, aka Bug IDs CSCus56252 and CSCus57142. Vendors have confirmed this vulnerability Bug ID CSCus56252 ,and CSCus57142 It is released as.Skillfully crafted by a third party DHCPv6 Service disruption via packets ( Device reload ) There is a possibility of being put into a state. This vulnerability could be exploited by a remote attacker to construct a DHCPv6 response data that could result in a denial of service (device reload). This issue is being tracked by Cisco Bug IDs CSCus56252 and CSCus57142. The following releases are affected: Cisco ASA Software 9.0 prior to 9.0(4.37), 9.1 prior to 9.1(6.6), 9.2 prior to 9.2(4), 9.3 prior to 9.3(3.5), 9.4 prior to 9.4(2)

Trust: 2.61

sources: NVD: CVE-2015-6324 // JVNDB: JVNDB-2015-005599 // CNVD: CNVD-2015-06862 // BID: 77257 // VULHUB: VHN-84285 // VULMON: CVE-2015-6324

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2015-06862

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.2.3.4	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.29	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.26	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.5.21	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3.3	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.4.5	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.3.2	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3.2.2	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.2.3.3	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.4	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.2.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.20	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.17	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.3.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.5.15	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.2.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.4.1.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.4.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.4.1.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.6.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.2.2.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.4.1.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.1.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.2.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.5.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.4.1.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.2.2.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.2.2.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.2.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3.1.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.2.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.5.12	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.3.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.33	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.24	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.4(2)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.2(4)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.1	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.3	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.4	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1(6.6)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.0	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3(3.5)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(4.37)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.2	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2(<8.2(5.58))	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.3	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4(<8.4(7.29))	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5-8.7(<8.7(1.17))	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(<9.0(4.37))	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1(<9.1(6.8))	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.2(<9.2(4))	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3(<9.3(3))	Trust: 0.6
vendor:	cisco	model:	asa services module for cisco catalyst series switches	scope:	eq	version:	65000	Trust: 0.3
vendor:	cisco	model:	asa services module for cisco series routers	scope:	eq	version:	76000	Trust: 0.3
vendor:	cisco	model:	asa series next-generation firewalls	scope:	eq	version:	5500-x0	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliances	scope:	eq	version:	55000	Trust: 0.3
vendor:	cisco	model:	asa cloud firewall	scope:	eq	version:	1000v-	Trust: 0.3
vendor:	cisco	model:	adaptive security virtual appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2015-06862 // BID: 77257 // JVNDB: JVNDB-2015-005599 // CNNVD: CNNVD-201510-567 // NVD: CVE-2015-6324

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-6324
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-6324
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2015-06862
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201510-567
value:	HIGH
Trust: 0.6
VULHUB:	VHN-84285
value:	HIGH
Trust: 0.1
VULMON:	CVE-2015-6324
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-6324
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2015-06862
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-84285
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2015-06862 // VULHUB: VHN-84285 // VULMON: CVE-2015-6324 // JVNDB: JVNDB-2015-005599 // CNNVD: CNNVD-201510-567 // NVD: CVE-2015-6324

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-84285 // JVNDB: JVNDB-2015-005599 // NVD: CVE-2015-6324

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201510-567

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201510-567

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-005599

PATCH

title:	cisco-sa-20151021-asa-dhcp1	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dhcp1	Trust: 0.8
title:	Patch for Cisco Adaptive Security Appliance Denial of Service Vulnerability (CNVD-2015-06862)	url:	https://www.cnvd.org.cn/patchInfo/show/65896	Trust: 0.6
title:	Cisco Adaptive Security Appliances Software Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58411	Trust: 0.6
title:	Cisco: Cisco ASA Software DHCPv6 Relay Denial of Service Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20151021-asa-dhcp1	Trust: 0.1

sources: CNVD: CNVD-2015-06862 // VULMON: CVE-2015-6324 // JVNDB: JVNDB-2015-005599 // CNNVD: CNNVD-201510-567

EXTERNAL IDS

db:	NVD	id:	CVE-2015-6324	Trust: 3.5
db:	SECTRACK	id:	1033912	Trust: 1.2
db:	JVNDB	id:	JVNDB-2015-005599	Trust: 0.8
db:	CNNVD	id:	CNNVD-201510-567	Trust: 0.7
db:	CNVD	id:	CNVD-2015-06862	Trust: 0.6
db:	BID	id:	77257	Trust: 0.4
db:	VULHUB	id:	VHN-84285	Trust: 0.1
db:	VULMON	id:	CVE-2015-6324	Trust: 0.1

sources: CNVD: CNVD-2015-06862 // VULHUB: VHN-84285 // VULMON: CVE-2015-6324 // BID: 77257 // JVNDB: JVNDB-2015-005599 // CNNVD: CNNVD-201510-567 // NVD: CVE-2015-6324

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151021-asa-dhcp1	Trust: 2.8
url:	http://www.securitytracker.com/id/1033912	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6324	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6324	Trust: 0.8
url:	http://www.cisco.com/en/us/products/ps6120/index.html	Trust: 0.3
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/399.html	Trust: 0.1
url:	https://www.rapid7.com/db/vulnerabilities/cisco-asa-cve-2015-6324	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2015-06862 // VULHUB: VHN-84285 // VULMON: CVE-2015-6324 // BID: 77257 // JVNDB: JVNDB-2015-005599 // CNNVD: CNNVD-201510-567 // NVD: CVE-2015-6324

CREDITS

Cisco

Trust: 0.3

sources: BID: 77257

SOURCES

db:	CNVD	id:	CNVD-2015-06862
db:	VULHUB	id:	VHN-84285
db:	VULMON	id:	CVE-2015-6324
db:	BID	id:	77257
db:	JVNDB	id:	JVNDB-2015-005599
db:	CNNVD	id:	CNNVD-201510-567
db:	NVD	id:	CVE-2015-6324

LAST UPDATE DATE

2024-11-23T22:34:56.457000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2015-06862	date:	2015-10-28T00:00:00
db:	VULHUB	id:	VHN-84285	date:	2017-01-04T00:00:00
db:	VULMON	id:	CVE-2015-6324	date:	2017-01-04T00:00:00
db:	BID	id:	77257	date:	2015-10-21T00:00:00
db:	JVNDB	id:	JVNDB-2015-005599	date:	2015-10-28T00:00:00
db:	CNNVD	id:	CNNVD-201510-567	date:	2015-10-30T00:00:00
db:	NVD	id:	CVE-2015-6324	date:	2024-11-21T02:34:47.277

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2015-06862	date:	2015-10-28T00:00:00
db:	VULHUB	id:	VHN-84285	date:	2015-10-25T00:00:00
db:	VULMON	id:	CVE-2015-6324	date:	2015-10-25T00:00:00
db:	BID	id:	77257	date:	2015-10-21T00:00:00
db:	JVNDB	id:	JVNDB-2015-005599	date:	2015-10-28T00:00:00
db:	CNNVD	id:	CNNVD-201510-567	date:	2015-10-26T00:00:00
db:	NVD	id:	CVE-2015-6324	date:	2015-10-25T02:59:05.133