ID
VAR-201510-0016
CVE
CVE-2015-6334
TITLE
Cisco ASR 5000 and Cisco ASR 5500 Service disruption in device software (DoS) Vulnerabilities
Trust: 0.8
sources:
JVNDB: JVNDB-2015-005330
DESCRIPTION
Cisco ASR 5000 and 5500 devices with software 18.0.0.57828 and 19.0.M0.61045 allow remote attackers to cause a denial of service (vpnmgr process restart) via a crafted header in a TACACS packet, aka Bug ID CSCuw01984. Allows a remote attacker to submit a special TACACS packet header to restart the vpnmgr process. This issue is being tracked by Cisco Bug IDs CSCuw01984 and CSCuw01985
Trust: 2.52
sources:
NVD: CVE-2015-6334 //
JVNDB: JVNDB-2015-005330 //
CNVD: CNVD-2015-06706 //
BID: 77113 //
VULHUB: VHN-84295
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2015-06706
AFFECTED PRODUCTS
| vendor: | cisco | model: | asr 5000 software | scope: | eq | version: | 18.0.0.57828 | Trust: 1.6 |
| vendor: | cisco | model: | asr 5000 software | scope: | eq | version: | 19.0.m0.61045 | Trust: 1.6 |
| vendor: | cisco | model: | asr 5000 series software | scope: | eq | version: | 18.0.0.57828 (cisco asr 5000 router /cisco asr 5500 router ) | Trust: 0.8 |
| vendor: | cisco | model: | asr 5000 series software | scope: | eq | version: | 19.0.m0.61045 (cisco asr 5000 router /cisco asr 5500 router ) | Trust: 0.8 |
| vendor: | cisco | model: | asr and devices with software | scope: | eq | version: | 5000550018.0.0.57828 | Trust: 0.6 |
| vendor: | cisco | model: | asr and devices with software 19.0.m0.61045 | scope: | eq | version: | 50005500 | Trust: 0.6 |
| vendor: | cisco | model: | asr series software | scope: | eq | version: | 55000 | Trust: 0.3 |
| vendor: | cisco | model: | asr series software 19.0.m0.61045 | scope: | eq | version: | 5000 | Trust: 0.3 |
| vendor: | cisco | model: | asr series software | scope: | eq | version: | 500018.0.0.57828 | Trust: 0.3 |
| vendor: | cisco | model: | asr series software | scope: | eq | version: | 50000 | Trust: 0.3 |
sources:
CNVD: CNVD-2015-06706 //
BID: 77113 //
JVNDB: JVNDB-2015-005330 //
CNNVD: CNNVD-201510-290 //
NVD: CVE-2015-6334
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
CNVD: CNVD-2015-06706 //
VULHUB: VHN-84295 //
JVNDB: JVNDB-2015-005330 //
CNNVD: CNNVD-201510-290 //
NVD: CVE-2015-6334
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.9 |
sources:
VULHUB: VHN-84295 //
JVNDB: JVNDB-2015-005330 //
NVD: CVE-2015-6334
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201510-290
TYPE
input validation
Trust: 0.6
sources:
CNNVD: CNNVD-201510-290
CONFIGURATIONS
sources:
JVNDB: JVNDB-2015-005330
PATCH
| title: | cisco-sa-20130508-cvp | url: | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151012-asr | Trust: 0.8 |
| title: | Patch for TACACS Packet Denial of Service Vulnerability for Cisco ASR 5000 and 5500 Appliances | url: | https://www.cnvd.org.cn/patchInfo/show/65534 | Trust: 0.6 |
| title: | Cisco ASR 5000 and 5500 Repair measures for device denial of service vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58138 | Trust: 0.6 |
sources:
CNVD: CNVD-2015-06706 //
JVNDB: JVNDB-2015-005330 //
CNNVD: CNNVD-201510-290
EXTERNAL IDS
| db: | NVD | id: | CVE-2015-6334 | Trust: 3.4 |
| db: | SECTRACK | id: | 1033792 | Trust: 1.1 |
| db: | JVNDB | id: | JVNDB-2015-005330 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201510-290 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2015-06706 | Trust: 0.6 |
| db: | BID | id: | 77113 | Trust: 0.4 |
| db: | VULHUB | id: | VHN-84295 | Trust: 0.1 |
sources:
CNVD: CNVD-2015-06706 //
VULHUB: VHN-84295 //
BID: 77113 //
JVNDB: JVNDB-2015-005330 //
CNNVD: CNNVD-201510-290 //
NVD: CVE-2015-6334
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151012-asr | Trust: 2.6 |
| url: | http://www.securitytracker.com/id/1033792 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6334 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6334 | Trust: 0.8 |
| url: | http://www.cisco.com/en/us/products/ps11072/ | Trust: 0.3 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
sources:
CNVD: CNVD-2015-06706 //
VULHUB: VHN-84295 //
BID: 77113 //
JVNDB: JVNDB-2015-005330 //
CNNVD: CNNVD-201510-290 //
NVD: CVE-2015-6334
CREDITS
Cisco
Trust: 0.3
sources:
BID: 77113
SOURCES
| db: | CNVD | id: | CNVD-2015-06706 |
| db: | VULHUB | id: | VHN-84295 |
| db: | BID | id: | 77113 |
| db: | JVNDB | id: | JVNDB-2015-005330 |
| db: | CNNVD | id: | CNNVD-201510-290 |
| db: | NVD | id: | CVE-2015-6334 |
LAST UPDATE DATE
2025-04-13T23:35:06.815000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2015-06706 | date: | 2015-10-22T00:00:00 |
| db: | VULHUB | id: | VHN-84295 | date: | 2016-12-09T00:00:00 |
| db: | BID | id: | 77113 | date: | 2015-10-12T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-005330 | date: | 2015-10-19T00:00:00 |
| db: | CNNVD | id: | CNNVD-201510-290 | date: | 2015-10-16T00:00:00 |
| db: | NVD | id: | CVE-2015-6334 | date: | 2025-04-12T10:46:40.837 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2015-06706 | date: | 2015-10-21T00:00:00 |
| db: | VULHUB | id: | VHN-84295 | date: | 2015-10-16T00:00:00 |
| db: | BID | id: | 77113 | date: | 2015-10-12T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-005330 | date: | 2015-10-19T00:00:00 |
| db: | CNNVD | id: | CNNVD-201510-290 | date: | 2015-10-16T00:00:00 |
| db: | NVD | id: | CVE-2015-6334 | date: | 2015-10-16T01:59:08.153 |