CVE-2015-0654
Cisco Intrusion Prevention System - Denial of Service via TLS HTTPS Session Race Condition
Title source: llmDescription
Race condition in the TLS implementation in MainApp in the management interface in Cisco Intrusion Prevention System (IPS) Software before 7.3(3)E4 allows remote attackers to cause a denial of service (process hang) by establishing many HTTPS sessions, aka Bug ID CSCuq40652.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150311-ips
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1031908
Scores
EPSS
0.0126
EPSS Percentile
66.0%
Details
CWE
CWE-362
Status
published
Products (3)
cisco/intrusion_prevention_system
7.2\(1\)e4
cisco/intrusion_prevention_system
7.2\(2\)e4
cisco/intrusion_prevention_system
7.3\(2\)e4
Published
Mar 13, 2015
Tracked Since
Feb 18, 2026