Vulnerability Description
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS 15.3(3)S0.1 on ASR devices mishandles internal tables, which allows remote attackers to cause a denial of service (memory consumption or device crash) via a flood of crafted ND messages, aka Bug ID CSCup28217.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios | 15.2\(4\)e |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securityfocus.com/bid/79200
- http://www.securitytracker.com/id/1034432
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securityfocus.com/bid/79200
- http://www.securitytracker.com/id/1034432
FAQ
What is CVE-2015-6359?
CVE-2015-6359 is a vulnerability with a CVSS score of 6.1 (MEDIUM). The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS 15.3(3)S0.1 on ASR devices mishandles internal tables, which allows remote attackers to cause a denial of service (me...
How severe is CVE-2015-6359?
CVE-2015-6359 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-6359?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios.