CVE-2015-6282Improper Input Validation in Cisco IOS XE

CWE-20Improper Input ValidationCWE-3994 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.4%
top 38.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS XE
Timeline
PublishedSep 26
Latest updateMay 17

Description

Cisco IOS XE 2.x and 3.x before 3.10.6S, 3.11.xS through 3.13.xS before 3.13.3S, and 3.14.xS through 3.15.xS before 3.15.1S allows remote attackers to cause a denial of service (device reload) via IPv4 packets that require NAT and MPLS actions, aka Bug ID CSCut96933.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

NVDcisco/ios_xe95 versions+94

🔴Vulnerability Details

2
GHSA
GHSA-v647-rcp7-mvr8: Cisco IOS XE 22022-05-17
CVEList
CVE-2015-6282: Cisco IOS XE 22015-09-25

📋Vendor Advisories

1
Cisco
Cisco IOS XE Software Network Address Translation Denial of Service Vulnerability2015-09-23
CVE-2015-6282 — Improper Input Validation in Cisco | cvebase