CVE-2016-6398
MEDIUMCisco IOS <15.5(3)M - Info Disclosure
Title source: llmDescription
The PPTP server in Cisco IOS 15.5(3)M does not properly initialize packet buffers, which allows remote attackers to obtain sensitive information from earlier network communication by reading packet data, aka Bug ID CSCvb16274.
Scores
CVSS v3
5.3
EPSS
0.0027
EPSS Percentile
50.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Classification
CWE
CWE-200
Status
published
Affected Products (2)
cisco/ios
n/a/n/a
Timeline
Published
Sep 12, 2016
Tracked Since
Feb 18, 2026