CVE-2015-6278: Input Validation
First published: Mon Sep 28 2015(Updated: )
The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S does not properly implement the Control Plane Protection (aka CPPr) feature, which allows remote attackers to cause a denial of service (device reload) via a flood of ND packets, aka Bug ID CSCus19794.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS | =12.2\(50\)sy | |
| Cisco IOS | =12.2\(50\)sy1 | |
| Cisco IOS | =12.2\(50\)sy2 | |
| Cisco IOS | =12.2\(50\)sy3 | |
| Cisco IOS | =12.2\(50\)sy4 | |
| Cisco IOS | =15.0\(1\)ex | |
| Cisco IOS | =15.0\(1\)sy | |
| Cisco IOS | =15.0\(1\)sy1 | |
| Cisco IOS | =15.0\(1\)sy2 | |
| Cisco IOS | =15.0\(1\)sy3 | |
| Cisco IOS | =15.0\(1\)sy4 | |
| Cisco IOS | =15.0\(1\)sy5 | |
| Cisco IOS | =15.0\(1\)sy6 | |
| Cisco IOS | =15.0\(1\)sy7 | |
| Cisco IOS | =15.0\(1\)sy7a | |
| Cisco IOS | =15.0\(1\)sy8 | |
| Cisco IOS | =15.0\(2\)ea2 | |
| Cisco IOS | =15.0\(2\)ej | |
| Cisco IOS | =15.0\(2\)ej1 | |
| Cisco IOS | =15.0\(2\)ez | |
| Cisco IOS | =15.0\(2\)se | |
| Cisco IOS | =15.0\(2\)se1 | |
| Cisco IOS | =15.0\(2\)se2 | |
| Cisco IOS | =15.0\(2\)se3 | |
| Cisco IOS | =15.0\(2\)se4 | |
| Cisco IOS | =15.0\(2\)se5 | |
| Cisco IOS | =15.0\(2\)se6 | |
| Cisco IOS | =15.0\(2\)se7 | |
| Cisco IOS | =15.0\(2\)se8 | |
| Cisco IOS | =15.0\(2a\)ex5 | |
| Cisco IOS | =15.1\(1\)sy | |
| Cisco IOS | =15.1\(1\)sy1 | |
| Cisco IOS | =15.1\(1\)sy2 | |
| Cisco IOS | =15.1\(1\)sy3 | |
| Cisco IOS | =15.1\(1\)sy4 | |
| Cisco IOS | =15.1\(1\)sy5 | |
| Cisco IOS | =15.1\(2\)sg | |
| Cisco IOS | =15.1\(2\)sg1 | |
| Cisco IOS | =15.1\(2\)sg2 | |
| Cisco IOS | =15.1\(2\)sg3 | |
| Cisco IOS | =15.1\(2\)sg4 | |
| Cisco IOS | =15.1\(2\)sg5 | |
| Cisco IOS | =15.1\(2\)sg6 | |
| Cisco IOS | =15.1\(2\)sy | |
| Cisco IOS | =15.1\(2\)sy1 | |
| Cisco IOS | =15.1\(2\)sy2 | |
| Cisco IOS | =15.1\(2\)sy3 | |
| Cisco IOS | =15.1\(2\)sy4 | |
| Cisco IOS | =15.1\(2\)sy4a | |
| Cisco IOS | =15.1\(2\)sy5 | |
| Cisco IOS | =15.2\(1\)e | |
| Cisco IOS | =15.2\(1\)e1 | |
| Cisco IOS | =15.2\(1\)e2 | |
| Cisco IOS | =15.2\(1\)e3 | |
| Cisco IOS | =15.2\(1\)sy | |
| Cisco IOS | =15.2\(1\)sy0a | |
| Cisco IOS | =15.2\(2\)e | |
| Cisco IOS | =15.2\(2\)e1 | |
| Cisco IOS | =15.2\(2\)e2 | |
| Cisco IOS | =15.2\(2\)ea1 | |
| Cisco IOS | =15.2\(2a\)e1 | |
| Cisco IOS | =15.2\(3\)e | |
| Cisco IOS | =15.2\(3\)e1 | |
| Cisco IOS | =15.2\(3a\)e | |
| Cisco IOS | =15.2\(4\)s | |
| Cisco IOS | =15.2\(4\)s1 | |
| Cisco IOS | =15.2\(4\)s2 | |
| Cisco IOS | =15.2\(4\)s3 | |
| Cisco IOS | =15.2\(4\)s3a | |
| Cisco IOS | =15.2\(4\)s4 | |
| Cisco IOS | =15.2\(4\)s4a | |
| Cisco IOS | =15.2\(4\)s5 | |
| Cisco IOS | =15.2\(4\)s6 | |
| Cisco IOS | =15.2\(4\)s7 | |
| Cisco IOS | =15.3\(1\)s | |
| Cisco IOS | =15.3\(1\)s2 | |
| Cisco IOS | =15.3\(2\)s | |
| Cisco IOS | =15.3\(2\)s0a | |
| Cisco IOS | =15.3\(2\)s1 | |
| Cisco IOS | =15.3\(2\)s2 | |
| Cisco IOS | =15.3\(3\)s | |
| Cisco IOS | =15.3\(3\)s1 | |
| Cisco IOS | =15.3\(3\)s2 | |
| Cisco IOS | =15.3\(3\)s3 | |
| Cisco IOS | =15.3\(3\)s4 | |
| Cisco IOS | =15.3\(3\)s5 | |
| Cisco IOS | =15.4\(1\)s | |
| Cisco IOS | =15.4\(1\)s1 | |
| Cisco IOS | =15.4\(1\)s2 | |
| Cisco IOS | =15.4\(1\)s3 | |
| Cisco IOS | =15.4\(2\)s | |
| Cisco IOS | =15.4\(2\)s1 | |
| Cisco IOS | =15.4\(2\)s2 | |
| Cisco IOS | =15.4\(2\)s3 | |
| Cisco IOS | =15.4\(3\)s | |
| Cisco IOS | =15.4\(3\)s1 | |
| Cisco IOS | =15.4\(3\)s2 | |
| Cisco IOS | =15.5\(1\)s | |
| Cisco IOS | =15.5\(1\)s1 | |
| Cisco IOS XE Web UI | =3.2se.0 | |
| Cisco IOS XE Web UI | =3.2se.1 | |
| Cisco IOS XE Web UI | =3.2se.2 | |
| Cisco IOS XE Web UI | =3.2se.3 | |
| Cisco IOS XE Web UI | =3.3se.0 | |
| Cisco IOS XE Web UI | =3.3se.1 | |
| Cisco IOS XE Web UI | =3.3se.2 | |
| Cisco IOS XE Web UI | =3.3se.3 | |
| Cisco IOS XE Web UI | =3.3se.4 | |
| Cisco IOS XE Web UI | =3.3se.5 | |
| Cisco IOS XE Web UI | =3.3xo.0 | |
| Cisco IOS XE Web UI | =3.3xo.1 | |
| Cisco IOS XE Web UI | =3.3xo.2 | |
| Cisco IOS XE Web UI | =3.4sg.0 | |
| Cisco IOS XE Web UI | =3.4sg.1 | |
| Cisco IOS XE Web UI | =3.4sg.2 | |
| Cisco IOS XE Web UI | =3.4sg.3 | |
| Cisco IOS XE Web UI | =3.4sg.4 | |
| Cisco IOS XE Web UI | =3.4sg.5 | |
| Cisco IOS XE Web UI | =3.4sg.6 | |
| Cisco IOS XE Web UI | =3.5e.0 | |
| Cisco IOS XE Web UI | =3.5e.1 | |
| Cisco IOS XE Web UI | =3.5e.2 | |
| Cisco IOS XE Web UI | =3.5e.3 | |
| Cisco IOS XE Web UI | =3.6e.0 | |
| Cisco IOS XE Web UI | =3.6e.0a | |
| Cisco IOS XE Web UI | =3.6e.0b | |
| Cisco IOS XE Web UI | =3.6e.1 | |
| Cisco IOS XE Web UI | =3.6e.2 | |
| Cisco IOS XE Web UI | =3.6e.2a | |
| Cisco IOS XE Web UI | =3.7e.0 | |
| Cisco IOS XE Web UI | =3.7e.1 | |
| Cisco IOS XE Web UI | =3.9s.0 | |
| Cisco IOS XE Web UI | =3.9s.1 | |
| Cisco IOS XE Web UI | =3.9s.2 | |
| Cisco IOS XE Web UI | =3.10s.0 | |
| Cisco IOS XE Web UI | =3.10s.0a | |
| Cisco IOS XE Web UI | =3.10s.01 | |
| Cisco IOS XE Web UI | =3.10s.1 | |
| Cisco IOS XE Web UI | =3.10s.2 | |
| Cisco IOS XE Web UI | =3.10s.3 | |
| Cisco IOS XE Web UI | =3.10s.4 | |
| Cisco IOS XE Web UI | =3.10s.5 | |
| Cisco IOS XE Web UI | =3.11s.0 | |
| Cisco IOS XE Web UI | =3.11s.1 | |
| Cisco IOS XE Web UI | =3.11s.2 | |
| Cisco IOS XE Web UI | =3.11s.3 | |
| Cisco IOS XE Web UI | =3.12s.0 | |
| Cisco IOS XE Web UI | =3.12s.1 | |
| Cisco IOS XE Web UI | =3.12s.2 | |
| Cisco IOS XE Web UI | =3.12s.3 | |
| Cisco IOS XE Web UI | =3.13s.0 | |
| Cisco IOS XE Web UI | =3.13s.1 | |
| Cisco IOS XE Web UI | =3.13s.2 | |
| Cisco IOS XE Web UI | =3.14s.0 | |
| Cisco IOS XE Web UI | =3.14s.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-6278?
CVE-2015-6278 has been assigned a High severity rating due to the potential risk of remote code execution.
How do I fix CVE-2015-6278?
To fix CVE-2015-6278, update your Cisco IOS or IOS XE to a fixed version that addresses this vulnerability.
Which Cisco products are affected by CVE-2015-6278?
CVE-2015-6278 affects multiple versions of Cisco IOS and IOS XE, including versions 12.2, 15.0 through 15.5, and several IOS XE releases.
What type of vulnerability is CVE-2015-6278?
CVE-2015-6278 is a vulnerability related to the IPv6 snooping functionality in Cisco's first-hop security subsystem.
Is there any workaround for CVE-2015-6278 before applying a patch?
No official workarounds have been provided for CVE-2015-6278, so updating to a secure version is the recommended course of action.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco ios
- version/cisco ios/12.2\(50\)sy
- version/cisco ios/12.2\(50\)sy1
- version/cisco ios/12.2\(50\)sy2
- version/cisco ios/12.2\(50\)sy3
- version/cisco ios/12.2\(50\)sy4
- version/cisco ios/15.0\(1\)ex
- version/cisco ios/15.0\(1\)sy
- version/cisco ios/15.0\(1\)sy1
- version/cisco ios/15.0\(1\)sy2
- version/cisco ios/15.0\(1\)sy3
- version/cisco ios/15.0\(1\)sy4
- version/cisco ios/15.0\(1\)sy5
- version/cisco ios/15.0\(1\)sy6
- version/cisco ios/15.0\(1\)sy7
- version/cisco ios/15.0\(1\)sy7a
- version/cisco ios/15.0\(1\)sy8
- version/cisco ios/15.0\(2\)ea2
- version/cisco ios/15.0\(2\)ej
- version/cisco ios/15.0\(2\)ej1
- version/cisco ios/15.0\(2\)ez
- version/cisco ios/15.0\(2\)se
- version/cisco ios/15.0\(2\)se1
- version/cisco ios/15.0\(2\)se2
- version/cisco ios/15.0\(2\)se3
- version/cisco ios/15.0\(2\)se4
- version/cisco ios/15.0\(2\)se5
- version/cisco ios/15.0\(2\)se6
- version/cisco ios/15.0\(2\)se7
- version/cisco ios/15.0\(2\)se8
- version/cisco ios/15.0\(2a\)ex5
- version/cisco ios/15.1\(1\)sy
- version/cisco ios/15.1\(1\)sy1
- version/cisco ios/15.1\(1\)sy2
- version/cisco ios/15.1\(1\)sy3
- version/cisco ios/15.1\(1\)sy4
- version/cisco ios/15.1\(1\)sy5
- version/cisco ios/15.1\(2\)sg
- version/cisco ios/15.1\(2\)sg1
- version/cisco ios/15.1\(2\)sg2
- version/cisco ios/15.1\(2\)sg3
- version/cisco ios/15.1\(2\)sg4
- version/cisco ios/15.1\(2\)sg5
- version/cisco ios/15.1\(2\)sg6
- version/cisco ios/15.1\(2\)sy
- version/cisco ios/15.1\(2\)sy1
- version/cisco ios/15.1\(2\)sy2
- version/cisco ios/15.1\(2\)sy3
- version/cisco ios/15.1\(2\)sy4
- version/cisco ios/15.1\(2\)sy4a
- version/cisco ios/15.1\(2\)sy5
- version/cisco ios/15.2\(1\)e
- version/cisco ios/15.2\(1\)e1
- version/cisco ios/15.2\(1\)e2
- version/cisco ios/15.2\(1\)e3
- version/cisco ios/15.2\(1\)sy
- version/cisco ios/15.2\(1\)sy0a
- version/cisco ios/15.2\(2\)e
- version/cisco ios/15.2\(2\)e1
- version/cisco ios/15.2\(2\)e2
- version/cisco ios/15.2\(2\)ea1
- version/cisco ios/15.2\(2a\)e1
- version/cisco ios/15.2\(3\)e
- version/cisco ios/15.2\(3\)e1
- version/cisco ios/15.2\(3a\)e
- version/cisco ios/15.2\(4\)s
- version/cisco ios/15.2\(4\)s1
- version/cisco ios/15.2\(4\)s2
- version/cisco ios/15.2\(4\)s3
- version/cisco ios/15.2\(4\)s3a
- version/cisco ios/15.2\(4\)s4
- version/cisco ios/15.2\(4\)s4a
- version/cisco ios/15.2\(4\)s5
- version/cisco ios/15.2\(4\)s6
- version/cisco ios/15.2\(4\)s7
- version/cisco ios/15.3\(1\)s
- version/cisco ios/15.3\(1\)s2
- version/cisco ios/15.3\(2\)s
- version/cisco ios/15.3\(2\)s0a
- version/cisco ios/15.3\(2\)s1
- version/cisco ios/15.3\(2\)s2
- version/cisco ios/15.3\(3\)s
- version/cisco ios/15.3\(3\)s1
- version/cisco ios/15.3\(3\)s2
- version/cisco ios/15.3\(3\)s3
- version/cisco ios/15.3\(3\)s4
- version/cisco ios/15.3\(3\)s5
- version/cisco ios/15.4\(1\)s
- version/cisco ios/15.4\(1\)s1
- version/cisco ios/15.4\(1\)s2
- version/cisco ios/15.4\(1\)s3
- version/cisco ios/15.4\(2\)s
- version/cisco ios/15.4\(2\)s1
- version/cisco ios/15.4\(2\)s2
- version/cisco ios/15.4\(2\)s3
- version/cisco ios/15.4\(3\)s
- version/cisco ios/15.4\(3\)s1
- version/cisco ios/15.4\(3\)s2
- version/cisco ios/15.5\(1\)s
- version/cisco ios/15.5\(1\)s1
- canonical/cisco ios xe web ui
- version/cisco ios xe web ui/3.2se.0
- version/cisco ios xe web ui/3.2se.1
- version/cisco ios xe web ui/3.2se.2
- version/cisco ios xe web ui/3.2se.3
- version/cisco ios xe web ui/3.3se.0
- version/cisco ios xe web ui/3.3se.1
- version/cisco ios xe web ui/3.3se.2
- version/cisco ios xe web ui/3.3se.3
- version/cisco ios xe web ui/3.3se.4
- version/cisco ios xe web ui/3.3se.5
- version/cisco ios xe web ui/3.3xo.0
- version/cisco ios xe web ui/3.3xo.1
- version/cisco ios xe web ui/3.3xo.2
- version/cisco ios xe web ui/3.4sg.0
- version/cisco ios xe web ui/3.4sg.1
- version/cisco ios xe web ui/3.4sg.2
- version/cisco ios xe web ui/3.4sg.3
- version/cisco ios xe web ui/3.4sg.4
- version/cisco ios xe web ui/3.4sg.5
- version/cisco ios xe web ui/3.4sg.6
- version/cisco ios xe web ui/3.5e.0
- version/cisco ios xe web ui/3.5e.1
- version/cisco ios xe web ui/3.5e.2
- version/cisco ios xe web ui/3.5e.3
- version/cisco ios xe web ui/3.6e.0
- version/cisco ios xe web ui/3.6e.0a
- version/cisco ios xe web ui/3.6e.0b
- version/cisco ios xe web ui/3.6e.1
- version/cisco ios xe web ui/3.6e.2
- version/cisco ios xe web ui/3.6e.2a
- version/cisco ios xe web ui/3.7e.0
- version/cisco ios xe web ui/3.7e.1
- version/cisco ios xe web ui/3.9s.0
- version/cisco ios xe web ui/3.9s.1
- version/cisco ios xe web ui/3.9s.2
- version/cisco ios xe web ui/3.10s.0
- version/cisco ios xe web ui/3.10s.0a
- version/cisco ios xe web ui/3.10s.01
- version/cisco ios xe web ui/3.10s.1
- version/cisco ios xe web ui/3.10s.2
- version/cisco ios xe web ui/3.10s.3
- version/cisco ios xe web ui/3.10s.4
- version/cisco ios xe web ui/3.10s.5
- version/cisco ios xe web ui/3.11s.0
- version/cisco ios xe web ui/3.11s.1
- version/cisco ios xe web ui/3.11s.2
- version/cisco ios xe web ui/3.11s.3
- version/cisco ios xe web ui/3.12s.0
- version/cisco ios xe web ui/3.12s.1
- version/cisco ios xe web ui/3.12s.2
- version/cisco ios xe web ui/3.12s.3
- version/cisco ios xe web ui/3.13s.0
- version/cisco ios xe web ui/3.13s.1
- version/cisco ios xe web ui/3.13s.2
- version/cisco ios xe web ui/3.14s.0
- version/cisco ios xe web ui/3.14s.1