CVE-2015-0631

Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688.

Published: Feb 21, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-0631
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C

CWEs:

CWE-362

Affected Software
References

Software	From	Fixed in
cisco / ips_sensor_software	7.2(1)e4	7.2(1)e4.x
cisco / ips_sensor_software	7.2(2)e4	7.2(2)e4.x

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0631
http://www.securityfocus.com/bid/72700
http://www.securitytracker.com/id/1031780

Vulnerability Database

290,206

CVE-2015-0631