CVE-2015-0708

EUVD-2015-0721
Cisco IOS 15.4S, 15.4SN, and 15.5S and IOS XE 3.13S and 3.14S allow remote attackers to cause a denial of service (device crash) by including an IA_NA option in a DHCPv6 Solicit message on the local network, aka Bug ID CSCur29956.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.1 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
Affected Products (NVD)
VendorProductVersion
ciscoios_xe
3.13s.0:s.0
ciscoios_xe
3.13s.1:s.1
ciscoios_xe
3.14s.0:s.0
ciscoios
15.4\(3\)s
ciscoios
15.4\(3\)s1
ciscoios
15.4\(3\)sn1
ciscoios
15.4s:s
ciscoios
15.4sn:sn
ciscoios
15.5\(1\)s
ciscoios
15.5s:s
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=38543
http://www.securitytracker.com/id/1032210
http://tools.cisco.com/security/center/viewAlert.x?alertId=38543
http://www.securitytracker.com/id/1032210