CVE-2015-0641Improper Input Validation in Cisco IOS XE

CWE-20Improper Input ValidationCWE-3994 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.4%
top 37.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS XE
Timeline
PublishedMar 26
Latest updateMay 17

Description

Cisco IOS XE 2.x and 3.x before 3.9.0S, 3.10 before 3.10.0S, 3.11 before 3.11.0S, 3.12 before 3.12.0S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via crafted IPv6 packets, aka Bug ID CSCub68073.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

NVDcisco/ios_xe42 versions+41

🔴Vulnerability Details

2
GHSA
GHSA-qxrq-pc62-r432: Cisco IOS XE 22022-05-17
CVEList
CVE-2015-0641: Cisco IOS XE 22015-03-26

📋Vendor Advisories

1
Cisco
Multiple Vulnerabilities in Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers2015-03-25
CVE-2015-0641 — Improper Input Validation in Cisco | cvebase