Vulnerability Details CVE-2015-0631
Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.3%
CVSS Severity
CVSS v2 Score 7.1
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0631
- http://www.securityfocus.com/bid/72700
- http://www.securitytracker.com/id/1031780
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0631
- http://www.securityfocus.com/bid/72700
- http://www.securitytracker.com/id/1031780
Products affected by CVE-2015-0631
-
cpe:2.3:a:cisco:ips_sensor_software:7.2(1)e4
-
cpe:2.3:a:cisco:ips_sensor_software:7.2(2)e4
-
cpe:2.3:h:cisco:ids_4210:-
-
cpe:2.3:h:cisco:ids_4215:-
-
cpe:2.3:h:cisco:ids_4220:-
-
cpe:2.3:h:cisco:ids_4230:-
-
cpe:2.3:h:cisco:ids_4235:-
-
cpe:2.3:h:cisco:ids_4250:-
-
cpe:2.3:h:cisco:ids_4250_xl:-
-
cpe:2.3:h:cisco:ips_4240:-
-
cpe:2.3:h:cisco:ips_4255:-
-
cpe:2.3:h:cisco:ips_4260:-
-
cpe:2.3:h:cisco:ips_4270:-