CVE-2015-6432
Description
Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, and 5.3.2 does not properly restrict the number of Path Computation Elements (PCEs) for OSPF LSA opaque area updates, which allows remote attackers to cause a denial of service (device reload) via a crafted update, aka Bug ID CSCuw83486.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.895
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco IOS XR Software OSPF Link State Advertisement PCE Vulnerability For Cisco Network Convergence System 540 Series Routers | NCM |
| CVE-2015-6432 | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1706041 | Security Update for Cisco Network Convergence System 540 Series Routers 6.4.1.8i.BASE |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234