Sign-up

ID

VAR-201510-0018


CVE

CVE-2015-6340


TITLE

Cisco ASR 5000 Device software CDMA Implementation of Proxy Mobile IPv6 Service disruption in components (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-005621

DESCRIPTION

The Proxy Mobile IPv6 (PMIPv6) component in the CDMA implementation on Cisco ASR 5000 devices with software 19.0.M0.60737 allows remote attackers to cause a denial of service (hamgr process restart) via a crafted header in a PMIPv6 packet, aka Bug ID CSCuv63280. Cisco ASR 5000 for CDMA System Software is prone to a denial-of-service vulnerability. Successful exploitation of the issue will cause the affected process to restart, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuv63280. Cisco ASR 5000 is the 5000 series mobile multimedia service solution of Cisco (Cisco). The solution can help operators deploy large-scale high-demand 3G networks and support migration to 4G networks. CDMA is one of the Code Division Multiple Access (CDMA) mobile network implementations

Trust: 1.98

sources: NVD: CVE-2015-6340 // JVNDB: JVNDB-2015-005621 // BID: 77129 // VULHUB: VHN-84301

AFFECTED PRODUCTS

vendor:ciscomodel:asr 5000 softwarescope:eqversion:19.0.m0.60737

Trust: 1.6

vendor:ciscomodel:asr 5000 series softwarescope:eqversion:19.0.mo.60737

Trust: 0.8

vendor:ciscomodel:code division multiple accessscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:asr series software 19.0.mo.60737scope:eqversion:5000

Trust: 0.3

sources: BID: 77129 // JVNDB: JVNDB-2015-005621 // CNNVD: CNNVD-201510-610 // NVD: CVE-2015-6340

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-6340
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-6340
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201510-610
value: MEDIUM

Trust: 0.6

VULHUB: VHN-84301
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-6340
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-84301
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-84301 // JVNDB: JVNDB-2015-005621 // CNNVD: CNNVD-201510-610 // NVD: CVE-2015-6340

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-84301 // JVNDB: JVNDB-2015-005621 // NVD: CVE-2015-6340

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201510-610

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201510-610

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-005621

PATCH
title:cisco-sa-20151016-asrcdmaurl:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151016-asrcdma
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-005621

EXTERNAL IDS
db:NVDid:CVE-2015-6340
Trust: 2.8
db:SECTRACKid:1033872
Trust: 1.1
db:JVNDBid:JVNDB-2015-005621
Trust: 0.8
db:CNNVDid:CNNVD-201510-610
Trust: 0.7
db:BIDid:77129
Trust: 0.4
db:VULHUBid:VHN-84301
Trust: 0.1
sources:
            
            
            VULHUB: VHN-84301 // 
            
            
            
            BID: 77129 // 
            
            
            
            JVNDB: JVNDB-2015-005621 // 
            
            
            
            CNNVD: CNNVD-201510-610 // 
            
            
            
            NVD: CVE-2015-6340

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151016-asrcdma
Trust: 1.7
url:http://www.securitytracker.com/id/1033872
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6340
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6340
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151016-asrcdma 
Trust: 0.3
sources:
            
            
            VULHUB: VHN-84301 // 
            
            
            
            BID: 77129 // 
            
            
            
            JVNDB: JVNDB-2015-005621 // 
            
            
            
            CNNVD: CNNVD-201510-610 // 
            
            
            
            NVD: CVE-2015-6340

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 77129

SOURCES
db:VULHUBid:VHN-84301
db:BIDid:77129
db:JVNDBid:JVNDB-2015-005621
db:CNNVDid:CNNVD-201510-610
db:NVDid:CVE-2015-6340

LAST UPDATE DATE
2025-04-12T23:32:48.993000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-84301date:2017-01-05T00:00:00
db:BIDid:77129date:2015-10-20T00:00:00
db:JVNDBid:JVNDB-2015-005621date:2015-10-29T00:00:00
db:CNNVDid:CNNVD-201510-610date:2015-10-28T00:00:00
db:NVDid:CVE-2015-6340date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-84301date:2015-10-27T00:00:00
db:BIDid:77129date:2015-10-20T00:00:00
db:JVNDBid:JVNDB-2015-005621date:2015-10-29T00:00:00
db:CNNVDid:CNNVD-201510-610date:2015-10-28T00:00:00
db:NVDid:CVE-2015-6340date:2015-10-27T02:59:01.683