Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2015-6432

Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, and 5.3.2 does not properly restrict the number of Path Computation Elements (PCEs) for OSPF LSA opaque area updates, which allows remote attackers to cause a denial of service (device reload) via a crafted update, aka Bug ID CSCuw83486.

  • Published: Jan 5, 2016
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-6432
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
cisco / ios_xr 4.3.0 4.3.0.x
cisco / ios_xr 5.2.4 5.2.4.x
cisco / ios_xr 5.1.0 5.1.0.x
cisco / ios_xr 4.2.0 4.2.0.x
cisco / ios_xr 5.3.2 5.3.2.x
cisco / ios_xr 5.3.0 5.3.0.x
cisco / ios_xr 5.0.0 5.0.0.x
cisco / ios_xr 5.2.0 5.2.0.x
cisco / ios_xr 5.2.2 5.2.2.x