Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0654

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2015-0654
Last Modified 11 Sep 2015 11:50:15
Published 12 Mar 2015 09:59:33
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2015-0654

Summary

Race condition in the TLS implementation in MainApp in the management interface in Cisco Intrusion Prevention System (IPS) Software before 7.3(3)E4 allows remote attackers to cause a denial of service (process hang) by establishing many HTTPS sessions, aka Bug ID CSCuq40652.

Vulnerable Systems

Application

  • Cisco Intrusion Prevention System 7.2%281%29e4

  • Cisco Intrusion Prevention System 7.2%282%29e4

  • Cisco Intrusion Prevention System 7.3%282%29e4


References

CISCO - 20150311 Cisco Intrusion Prevention System MainApp Secure Socket Layer Denial of Service Vulnerability

SECTRACK - 1031908


Last Updated: 27 May 2016 11:08:05