← Voltar para CVEs

CVE-2016-6415

HIGHCISA KEV

7.5

Descricao

The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN.

Detalhes CVE

Pontuacao CVSS v3.17.5

SeveridadeHIGH

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosNONE

Interacao do usuarioNONE

Publicado9/19/2016

Ultima modificacao4/22/2026

Fontekev

Avistamentos honeypot0

CISA KEV

FornecedorCisco

ProdutoIOS, IOS XR, and IOS XE

Nome da vulnerabilidadeCisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability

Data inclusao KEV2023-05-19

Prazo de remediacao2023-06-09

Uso em ransomwareUnknown

Produtos afetados

cisco:ioscisco:ios_xecisco:ios_xr

Fraquezas (CWE)

CWE-200CWE-200

Referencias

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1(psirt@cisco.com)

http://www.securityfocus.com/bid/93003(psirt@cisco.com)

http://www.securitytracker.com/id/1036841(psirt@cisco.com)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/93003(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1036841(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-6415(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.