Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2016-6415 | First vendor Publication | 2016-09-18 |
| Vendor | Cve | Last vendor Modification | 2025-01-27 |
Security-Database Scoring CVSS v3
| Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | |||
|---|---|---|---|
| Overall CVSS Score | 7.5 | ||
| Base Score | 7.5 | Environmental Score | 7.5 |
| impact SubScore | 3.6 | Temporal Score | 7.5 |
| Exploitabality Sub Score | 3.9 | ||
| Attack Vector | Network | Attack Complexity | Low |
| Privileges Required | None | User Interaction | None |
| Scope | Unchanged | Confidentiality Impact | High |
| Integrity Impact | None | Availability Impact | None |
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6415 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-200 | Information Exposure |
CPE : Common Platform Enumeration
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-10-10 | Cisco IOS Group-Prime SHA memory disclosure attempt RuleID : 40222-community - Revision : 5 - Type : SERVER-OTHER |
| 2016-09-16 | Cisco IOS Group-Prime SHA memory disclosure attempt RuleID : 40222 - Revision : 5 - Type : SERVER-OTHER |
| 2016-10-10 | Cisco IOS Group-Prime MD5 memory disclosure attempt RuleID : 40221-community - Revision : 5 - Type : SERVER-OTHER |
| 2016-09-16 | Cisco IOS Group-Prime MD5 memory disclosure attempt RuleID : 40221 - Revision : 5 - Type : SERVER-OTHER |
| 2016-10-10 | Cisco IOS Group-Prime memory disclosure exfiltration attempt RuleID : 40220-community - Revision : 6 - Type : SERVER-OTHER |
| 2016-09-16 | Cisco IOS Group-Prime memory disclosure exfiltration attempt RuleID : 40220 - Revision : 6 - Type : SERVER-OTHER |
Metasploit Database
| id | Description |
|---|---|
| 2016-09-29 | Cisco IKE Information Disclosure |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2017-01-26 | Name : A remote device is affected by an information disclosure vulnerability. File : cisco_ikev1_info_disclosure.nasl - Type : ACT_ATTACK |
| 2016-09-27 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20160916-ikev1-ios.nasl - Type : ACT_GATHER_INFO |
| 2016-09-27 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20160916-ikev1-iosxe.nasl - Type : ACT_GATHER_INFO |
| 2016-09-27 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20160916-ikev1-iosxr.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
| Source | Url |
|---|
Alert History
| Date | Informations |
|---|---|
| 2025-01-28 00:21:20 |
|
| 2024-11-28 12:58:05 |
|
| 2024-10-04 01:39:06 |
|
| 2024-10-03 01:39:39 |
|
| 2024-07-25 01:38:22 |
|
| 2024-03-07 01:37:31 |
|
| 2023-10-07 01:34:59 |
|
| 2023-10-06 01:34:47 |
|
| 2023-09-20 01:34:19 |
|
| 2023-08-12 12:42:00 |
|
| 2023-08-12 01:11:03 |
|
| 2023-08-11 12:36:50 |
|
| 2023-08-11 01:11:22 |
|
| 2023-08-06 12:35:36 |
|
| 2023-08-06 01:11:03 |
|
| 2023-08-04 12:35:45 |
|
| 2023-08-04 01:11:07 |
|
| 2023-07-14 12:35:47 |
|
| 2023-07-14 01:11:06 |
|
| 2023-05-10 01:30:24 |
|
| 2023-04-01 01:30:05 |
|
| 2023-03-29 01:37:34 |
|
| 2023-03-28 12:11:25 |
|
| 2022-12-24 01:28:45 |
|
| 2022-10-28 12:28:45 |
|
| 2022-10-11 12:32:00 |
|
| 2022-10-11 01:11:05 |
|
| 2022-09-03 12:28:09 |
|
| 2022-04-27 01:26:53 |
|
| 2022-04-26 01:26:47 |
|
| 2022-03-19 01:25:14 |
|
| 2021-11-06 12:24:58 |
|
| 2021-10-14 01:23:01 |
|
| 2021-10-13 01:22:51 |
|
| 2021-10-08 12:23:42 |
|
| 2021-08-26 01:22:06 |
|
| 2021-05-04 12:53:26 |
|
| 2021-04-22 02:06:11 |
|
| 2021-04-01 01:18:56 |
|
| 2021-03-31 01:18:54 |
|
| 2021-03-30 12:19:02 |
|
| 2021-03-30 01:19:02 |
|
| 2020-06-11 09:22:43 |
|
| 2020-06-11 00:22:45 |
|
| 2020-06-10 01:15:10 |
|
| 2020-06-09 01:16:02 |
|
| 2020-06-03 21:23:00 |
|
| 2020-05-23 13:17:09 |
|
| 2020-05-23 00:52:40 |
|
| 2017-07-30 12:02:18 |
|
| 2017-01-28 13:25:42 |
|
| 2016-10-04 21:25:28 |
|
| 2016-10-01 09:24:16 |
|
| 2016-09-28 13:25:12 |
|
| 2016-09-19 21:19:41 |
|
| 2016-09-19 09:21:26 |
|
