Details of VAR-201512-0402

ID

VAR-201512-0402

CVE

CVE-2015-6429

TITLE

Cisco IOS and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2015-08445 // CNNVD: CNNVD-201512-539

DESCRIPTION

The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236. Vendors have confirmed this vulnerability Bug ID CSCuw08236 It is released as. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. http://cwe.mitre.org/data/definitions/19.htmlExpertly crafted tunnel endpoint by third party IKEv1 Service disruption via packets (IPsec Disconnection ) There is a possibility of being put into a state. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Successful exploits may allow attackers to cause the device to crash, denying service to legitimate users

Trust: 2.52

sources: NVD: CVE-2015-6429 // JVNDB: JVNDB-2015-006485 // CNVD: CNVD-2015-08445 // BID: 79745 // VULHUB: VHN-84390

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2015-08445

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(2\)s	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(1\)t	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(0.17\)t	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15s.0	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.6\(1\)t0a	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(1\)s	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(3\)s	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17s.1	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)m1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17s.0	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15s.1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16s.0	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(2\)t	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16s.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15s.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.4 to 15.6	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15 to 3.17	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	15.4-15.6	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15-3.17	Trust: 0.6
vendor:	cisco	model:	ios 15.5 s	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 15.5 t	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe software 3.17.0s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe software 3.16.0s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe software 3.15s.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.6 t0a	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.6 t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.5t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.5sn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.5s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.5 m	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.5 t1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.5 sn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.5 s1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe software 3.17.1s	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe software 3.16.1s	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios xe software 3.15.2s	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.6 t	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.6 s	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.5 s1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.5 m1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.5 t2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.5 s2	scope:	ne	version:	-	Trust: 0.3

sources: CNVD: CNVD-2015-08445 // BID: 79745 // JVNDB: JVNDB-2015-006485 // CNNVD: CNNVD-201512-539 // NVD: CVE-2015-6429

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-6429
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-6429
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2015-08445
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201512-539
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-84390
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-6429
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2015-08445
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-84390
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2015-08445 // VULHUB: VHN-84390 // JVNDB: JVNDB-2015-006485 // CNNVD: CNNVD-201512-539 // NVD: CVE-2015-6429

PROBLEMTYPE DATA

problemtype:	CWE-19	Trust: 1.1
problemtype:	CWE-Other	Trust: 0.8

sources: VULHUB: VHN-84390 // JVNDB: JVNDB-2015-006485 // NVD: CVE-2015-6429

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201512-539

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201512-539

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-006485

PATCH

title:	cisco-sa-20151218-ios	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios	Trust: 0.8
title:	Patch for Cisco IOS and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/68885	Trust: 0.6
title:	Cisco IOS and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability Fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59308	Trust: 0.6

sources: CNVD: CNVD-2015-08445 // JVNDB: JVNDB-2015-006485 // CNNVD: CNNVD-201512-539

EXTERNAL IDS

db:	NVD	id:	CVE-2015-6429	Trust: 3.4
db:	SECTRACK	id:	1034505	Trust: 1.1
db:	JVNDB	id:	JVNDB-2015-006485	Trust: 0.8
db:	CNNVD	id:	CNNVD-201512-539	Trust: 0.7
db:	CNVD	id:	CNVD-2015-08445	Trust: 0.6
db:	BID	id:	79745	Trust: 0.4
db:	VULHUB	id:	VHN-84390	Trust: 0.1

sources: CNVD: CNVD-2015-08445 // VULHUB: VHN-84390 // BID: 79745 // JVNDB: JVNDB-2015-006485 // CNNVD: CNNVD-201512-539 // NVD: CVE-2015-6429

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151218-ios	Trust: 2.6
url:	http://www.securitytracker.com/id/1034505	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6429	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6429	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html	Trust: 0.3

sources: CNVD: CNVD-2015-08445 // VULHUB: VHN-84390 // BID: 79745 // JVNDB: JVNDB-2015-006485 // CNNVD: CNNVD-201512-539 // NVD: CVE-2015-6429

CREDITS

Cisco

Trust: 0.3

sources: BID: 79745

SOURCES

db:	CNVD	id:	CNVD-2015-08445
db:	VULHUB	id:	VHN-84390
db:	BID	id:	79745
db:	JVNDB	id:	JVNDB-2015-006485
db:	CNNVD	id:	CNNVD-201512-539
db:	NVD	id:	CVE-2015-6429

LAST UPDATE DATE

2024-11-23T23:09:13.359000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2015-08445	date:	2015-12-23T00:00:00
db:	VULHUB	id:	VHN-84390	date:	2016-12-07T00:00:00
db:	BID	id:	79745	date:	2015-12-18T00:00:00
db:	JVNDB	id:	JVNDB-2015-006485	date:	2015-12-22T00:00:00
db:	CNNVD	id:	CNNVD-201512-539	date:	2015-12-24T00:00:00
db:	NVD	id:	CVE-2015-6429	date:	2024-11-21T02:34:58.960

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2015-08445	date:	2015-12-23T00:00:00
db:	VULHUB	id:	VHN-84390	date:	2015-12-19T00:00:00
db:	BID	id:	79745	date:	2015-12-18T00:00:00
db:	JVNDB	id:	JVNDB-2015-006485	date:	2015-12-22T00:00:00
db:	CNNVD	id:	CNNVD-201512-539	date:	2015-12-21T00:00:00
db:	NVD	id:	CVE-2015-6429	date:	2015-12-19T14:59:00.123