Lucene search

CiscoCISCO-SA-20150311-IPS

HistoryMar 11, 2015 - 4:00 p.m.

Cisco Intrusion Prevention System MainApp Secure Socket Layer Denial of Service Vulnerability

2015-03-1116:00:00

tools.cisco.com

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

EPSS

0.002

Percentile

56.0%

JSON

The Cisco
Intrusion Prevention System (IPS) Software has a vulnerability within the SSL/TLS subsystem utilized by the web management interface which could allow an
unauthenticated, remote attacker to cause a denial of service (DoS)
condition.

Cisco has released software updates that address this vulnerability. This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150311-ips[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150311-ips”]

Affected configurations

Vulners

Node

ciscointrusion_prevention_systemMatchany

VendorProductVersionCPE
ciscointrusion_prevention_systemanycpe:2.3:a:cisco:intrusion_prevention_system:any:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	intrusion_prevention_system	any	cpe:2.3:a:cisco:intrusion_prevention_system:any:::::::*

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150311-ips

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

EPSS

0.002

Percentile

56.0%

JSON

Related for CISCO-SA-20150311-IPS