CVE-2015-6429 - Vulnerability Details - OpenCVE

The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Ios Ios Xe

Configuration 1 [-]

OR	cpe:2.3:o:cisco:ios:15.4\(3\)s:::::::*
	cpe:2.3:o:cisco:ios:15.5\(1\)s:::::::*
	cpe:2.3:o:cisco:ios:15.5\(1\)t:::::::*
	cpe:2.3:o:cisco:ios:15.5\(2\)s:::::::*
	cpe:2.3:o:cisco:ios:15.5\(2\)t:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)m:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)m1:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s:::::::*
	cpe:2.3:o:cisco:ios:15.5\(3\)s1:::::::*
	cpe:2.3:o:cisco:ios:15.6\(0.17\)t:::::::*
	cpe:2.3:o:cisco:ios:15.6\(1\)t0a:::::::*

Configuration 2 [-]

OR	cpe:2.3:o:cisco:ios_xe:3.15s.0:::::::*
	cpe:2.3:o:cisco:ios_xe:3.15s.1:::::::*
	cpe:2.3:o:cisco:ios_xe:3.15s.2:::::::*
	cpe:2.3:o:cisco:ios_xe:3.16s.0:::::::*
	cpe:2.3:o:cisco:ios_xe:3.16s.1:::::::*
	cpe:2.3:o:cisco:ios_xe:3.17s.0:::::::*
	cpe:2.3:o:cisco:ios_xe:3.17s.1:::::::*

No data.

References

Link	Providers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios
http://www.securitytracker.com/id/1034505

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2015-12-19T11:00:00

Updated: 2024-08-06T07:22:21.615Z

Reserved: 2015-08-17T00:00:00

Link: CVE-2015-6429

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2015-12-19T14:59:00.123

Modified: 2025-04-12T10:46:40.837

Link: CVE-2015-6429

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-12-18T00:00:00", "descriptions": [{"lang": "en", "value": "The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-05T14:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20151218 Cisco IOS and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios"}, {"name": "1034505", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1034505"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2015-6429", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20151218 Cisco IOS and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios"}, {"name": "1034505", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034505"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:22:21.615Z"}, "title": "CVE Program Container", "references": [{"name": "20151218 Cisco IOS and IOS XE Software IKEv1 State Machine Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios"}, {"name": "1034505", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1034505"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2015-6429", "datePublished": "2015-12-19T11:00:00", "dateReserved": "2015-08-17T00:00:00", "dateUpdated": "2024-08-06T07:22:21.615Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)s:*:*:*:*:*:*:*", "matchCriteriaId": "C63FF7C4-D9CE-4D6C-B36E-0C0DC06F453E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)s:*:*:*:*:*:*:*", "matchCriteriaId": "9613EE90-A90A-4817-A5A1-F78A9F3BA571", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(1\\)t:*:*:*:*:*:*:*", "matchCriteriaId": "59F21FEC-A536-45CB-9AE5-61CE45EAD1B7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)s:*:*:*:*:*:*:*", "matchCriteriaId": "3A259566-AA04-4DE8-900D-865384E56C8E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t:*:*:*:*:*:*:*", "matchCriteriaId": "7A4E00DF-60FD-48F2-A69A-D709A5657F6A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m:*:*:*:*:*:*:*", "matchCriteriaId": "716EC9AA-0569-4FA7-A244-1A14FA15C5AD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m1:*:*:*:*:*:*:*", "matchCriteriaId": "097D1950-6159-45A2-8653-D3F90044D0C8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s:*:*:*:*:*:*:*", "matchCriteriaId": "1194A7BD-CB51-42CD-96E6-9ACF126DD8CA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1:*:*:*:*:*:*:*", "matchCriteriaId": "F40A87C1-5EDB-4B50-84CF-729F5037E870", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.6\\(0.17\\)t:*:*:*:*:*:*:*", "matchCriteriaId": "96BDDBD0-684C-4E90-ACF9-F45D4B85835F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t0a:*:*:*:*:*:*:*", "matchCriteriaId": "679DCA8C-F64B-4716-BCC9-9C461A89CB29", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:3.15s.0:*:*:*:*:*:*:*", "matchCriteriaId": "5D9E5471-04AF-47A5-ACC7-335516356BDD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.15s.1:*:*:*:*:*:*:*", "matchCriteriaId": "FB8A0099-DE49-4AB6-A408-EE5D62642D17", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.15s.2:*:*:*:*:*:*:*", "matchCriteriaId": "CE69B061-8523-487E-B749-28D56458A621", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16s.0:*:*:*:*:*:*:*", "matchCriteriaId": "25257039-7860-4424-8C92-267FC444DA33", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.16s.1:*:*:*:*:*:*:*", "matchCriteriaId": "A0D78F52-7B40-4A9B-AC8E-150AFCAA7AF1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.17s.0:*:*:*:*:*:*:*", "matchCriteriaId": "203E013A-85E3-4D5B-A863-86297134BA04", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xe:3.17s.1:*:*:*:*:*:*:*", "matchCriteriaId": "1BB0A028-FA64-4899-AEC7-D6C5040E7C0E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236."}, {"lang": "es", "value": "La m\u00e1quina de estado IKEv1 en Cisco IOS 15.4 hasta la versi\u00f3n 15.6 y IOS XE 3.15 hasta la versi\u00f3n 3.17 permite a atacantes remotos causar una denegaci\u00f3n de servicio (terminaci\u00f3n de conexi\u00f3n IPsec) a trav\u00e9s de un paquete IKEv1 manipulado en un dispositivo final del tunel, tambi\u00e9n conocida como Bug ID CSCuw08236."}], "id": "CVE-2015-6429", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-12-19T14:59:00.123", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id/1034505"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1034505"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-19"}], "source": "nvd@nist.gov", "type": "Primary"}]}