CVE-2015-6431 - Cisco IOS XE 16.1.1 allows remote attackers to cause a denial of service (device reload) via a packe

CVE-2015-6431

Summary

Cisco IOS XE 16.1.1 allows remote attackers to cause a denial of service (device reload) via a packet with the 00-00-00-00-00-00 source MAC address, aka Bug ID CSCux48405.

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2015-1221-iosxe
http://www.securityfocus.com/bid/79654
http://www.securitytracker.com/id/1034514

Vulnerable Configurations

cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*

CVSS

Base:	6.1 (as of 07-12-2016 - 18:20)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
ADJACENT_NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:A/AC:L/Au:N/C:N/I:N/A:C

refmap via4

bid	79654
cisco	20151221 Cisco IOS XE Software Packet Processing Denial of Service Vulnerability
sectrack	1034514

Last major update

07-12-2016 - 18:20

Published

23-12-2015 - 03:59

Last modified

07-12-2016 - 18:20