CVE-2015-6360

HIGH

Cisco IOS XE - Denial of Service via Crafted SRTP Packet Fields

Title source: llm
STIX 2.1

Description

The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.

References (9)

Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1035650
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1035649
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2016/dsa-3539
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1035651
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1035636
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1035648
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1035652
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1035637

Scores

CVSS v3 7.5
EPSS 0.0828
EPSS Percentile 94.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-119
Status published
Products (50)
cisco/adaptive_security_appliance_software 8.1.0.104
cisco/adaptive_security_appliance_software 8.2.0.45
cisco/adaptive_security_appliance_software 8.2.1
cisco/adaptive_security_appliance_software 8.2.1.11
cisco/adaptive_security_appliance_software 8.2.2
cisco/adaptive_security_appliance_software 8.2.2.9
cisco/adaptive_security_appliance_software 8.2.2.10
cisco/adaptive_security_appliance_software 8.2.2.12
cisco/adaptive_security_appliance_software 8.2.2.16
cisco/adaptive_security_appliance_software 8.2.2.17
... and 40 more
Published Apr 21, 2016
Tracked Since Feb 18, 2026