Vulnerability Description
The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service (device reload) by sending a crafted message during IPsec tunnel setup, aka Bug ID CSCur70505.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios | 12.2\(33\)sxj8 |
| Cisco | Catalyst 6503-E | - |
| Cisco | Catalyst 6504-E | - |
| Cisco | Catalyst 6506-E | - |
| Cisco | Catalyst 6509-E | - |
| Cisco | Catalyst 6509-Neb-A | - |
| Cisco | Catalyst 6509-V-E | - |
| Cisco | Catalyst 6513 | - |
| Cisco | Catalyst 6513-E | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39233Vendor Advisory
- http://www.securitytracker.com/id/1032517Third Party AdvisoryVDB Entry
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39233Vendor Advisory
- http://www.securitytracker.com/id/1032517Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-0771?
CVE-2015-0771 is a vulnerability with a CVSS score of 6.3 (MEDIUM). The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service (device reload) by sending a crafted m...
How severe is CVE-2015-0771?
CVE-2015-0771 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-0771?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios, Cisco Catalyst 6503-E, Cisco Catalyst 6504-E, Cisco Catalyst 6506-E, Cisco Catalyst 6509-E.