Total vulnerabilities in the database
The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation in Cisco IOS before 15.1(1)SY3 does not require authentication, which allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination, or the discarding of this traffic, by arranging for an arbitrary device to become a cluster member, aka Bug ID CSCub93641.
| Software | From | Fixed in |
|---|---|---|
| cisco / ios | 15.1 | 15.1.x |
| cisco / ios | - | 15.1\(1\)sy2.x |
| cisco / ios | 15.1(1)sy1 | 15.1(1)sy1.x |
| cisco / ios | 15.1(1)sy | 15.1(1)sy.x |