Home

CVE-2015-6360

Description

The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
18.485

Associated Vulnerability

VulnerabilityOS Platform
(RHSA-2020:3873) libsrtp security and bug fix update libsrtp-1.4.4-11.20101004cvs.el7.i686.rpmLinux
(RHSA-2020:3873) libsrtp security and bug fix update libsrtp-1.4.4-11.20101004cvs.el7.x86_64.rpmLinux
(RHSA-2020:3873) libsrtp security and bug fix update libsrtp-devel-1.4.4-11.20101004cvs.el7.i686.rpmLinux
(RHSA-2020:3873) libsrtp security and bug fix update libsrtp-devel-1.4.4-11.20101004cvs.el7.x86_64.rpmLinux
(CESA-2020:3873) libsrtp security and bug fix update libsrtp-1.4.4-11.20101004cvs.el7.x86_64.rpmLinux
(CESA-2020:3873) libsrtp security and bug fix update libsrtp-devel-1.4.4-11.20101004cvs.el7.x86_64.rpmLinux
(RHSA-2020:3873)Moderate: security and bug fix update libsrtp-debuginfo-1.4.4-11.20101004cvs.el7.i686.rpmLinux
(RHSA-2020:3873)Moderate: security and bug fix update libsrtp-debuginfo-1.4.4-11.20101004cvs.el7.x86_64.rpmLinux
Libsrtp update (ELSA-2020-3873) libsrtp-1.4.4-11.20101004cvs.el7.i686.rpmLinux
Libsrtp update (ELSA-2020-3873) libsrtp-1.4.4-11.20101004cvs.el7.x86_64.rpmLinux
libsrtp Security Update (ALAS-2020-1530) libsrtp-1.4.4-11.20101004cvs.amzn2.i686.rpmLinux
libsrtp Security Update (ALAS-2020-1530) libsrtp-1.4.4-11.20101004cvs.amzn2.x86_64.rpmLinux
libsrtp Security Update (ALAS-2020-1530) libsrtp-devel-1.4.4-11.20101004cvs.amzn2.x86_64.rpmLinux
Multiple Cisco Products libSRTP Denial of Service Vulnerability For Cisco IOS XE SoftwareNCM
Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-6360)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1706107Security Update for Cisco IOS XE Software 5.2(1)SV5(1.3a)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234