CVE-2015-0631

high Cisco
CVSS v3 Base Score
7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C
EPSS Score
0.4%
Exploitation probability in 30 days
Top 37% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
None
Integrity
None
Availability
C
Published: February 21, 2015 (4100 days ago)
Last Modified: May 6, 2026
Vendor: Cisco
Source: NVD

Description

Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688.

CWE

CWE-362

Affected Products

cisco ips sensor software

References

🔗 tools.cisco.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 tools.cisco.com 🔗 www.securityfocus.com