CVE-2015-6278Improper Input Validation in Cisco IOS

CWE-20Improper Input Validation4 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.6%
top 31.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco IOSCisco IOS XE
Timeline
PublishedSep 28
Latest updateMay 17

Description

The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S does not properly implement the Control Plane Protection (aka CPPr) feature, which allows remote attackers to cause a denial of service (device reload) via a flood of ND packe

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

NVDcisco/ios99 versions+98
NVDcisco/ios_xe56 versions+55

🔴Vulnerability Details

2
GHSA
GHSA-6wr5-4h5x-7w4v: The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 122022-05-17
CVEList
CVE-2015-6278: The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 122015-09-28

📋Vendor Advisories

1
Cisco
Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities2015-09-23
CVE-2015-6278 — Improper Input Validation in Cisco IOS | cvebase