Executive Summary
Summary | |
---|---|
Title | Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20160601-prime3 | First vendor Publication | 2016-06-01 |
Vendor | Cisco | Last vendor Modification | 2016-06-01 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability in the IPv6 packet decode function of the Cisco Network Analysis Module (NAM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to an improper calculation of the IPv6 payload length of certain IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv6 packets on the network where the NAM is collecting and monitoring traffic. An exploit could allow the attacker to cause a DoS condition and the NAM could cease to collect and monitor traffic for a short time. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3 BEGIN PGP SIGNATURE Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV0WyjK89gD3EAJB5AQIJbRAAmARSbMN/HbRdFCfkBTHNt5GgfMHbGRlv 3tY+2UpNk76RO+3qT5Dia5i1dSw6xFViREIFJR5/8fgSaBQMAUqU/Ub0Yoka1AzV OKA3qHt9tdmkSJ3l7evW+Os4bQTpf/DSlNJoIwWRcvdgMHudUZ9ELzp9WwIczI9T AQwwJBfPyyZLDzfDC6e0Lxx2ca4ITumOFBbG7QW9NNLki5xD51nTA4VscMfzLNJd ETuAVELyEl5cOUG3Fnq7a9Aok105UlGSgf5w/cGrXo/ycSfvDYaZ7WBPBAFuXQht bUVvfzNmHjiBcTK8rv27fc+mRsU18vTkHyIopXc1sUayrYVhUkSGVIbqN6gICDRt 0CDlT8bSVQybPElmpoR57U2d+YatLjWggmUzS1EFCFfezLOGzYftSFB/D9YiYXZ6 7FR+2feIBnitEThvcEHXt5X7EPEOwUJtTNLN9psE+hMpDcThw5PzJ8dhRPrF7EBW Q26GRafNxcw/mm4wDIHcWfABWVbGKCSqcNcGIVwLtk40wb7mwlpfOVckSwctN/u4 jGeR4gmWcgdYDGWATyWDhVatq2c/x9ou2PkBanPbXb90Pshr7EVPbV4t/ovBKlix ORjuu2/szqwJLRb5M8RiZVfgrA+79q7BGgxWQQK3Wi14FxzrNvQlQFq5GYNQjy9Z FqHgZHEGhC4= =vGKU END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 2 |
Alert History
Date | Informations |
---|---|
2016-06-03 21:35:49 |
|
2016-06-01 21:22:15 |
|