CVE-2006-3906

medium Cisco
CVSS v3 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
EPSS Score: 4.3% (exploitation probability in 30 days; top 11% most likely to be exploited)

Attack Characteristics

Attack Vector: Network
Attack Complexity: Low
Confidentiality: None
Integrity: None
Availability: P

Published: July 27, 2006 (7230 days ago)
Last Modified: April 16, 2026
Vendor: Cisco
Source: NVD

Description

Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected.

CWE

NVD-CWE-Other

Affected Products

cisco ios
cisco vpn 3001 concentrator
cisco vpn 3015 concentrator
cisco vpn 3020 concentrator
cisco vpn 3030 concentator
cisco vpn 3060 concentrator
cisco vpn 3080 concentrator
cisco adaptive security appliance software
cisco vpn 3000 concentrator series software
cisco vpn 3005 concentrator software

References