CVE-2015-6360

high

Cisco

CVSS v3 Base Score

7.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

18.5%

Exploitation probability in 30 days

Top 5% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Confidentiality

None

Integrity

None

Availability

High

Published: April 21, 2016 (3675 days ago)

Last Modified: May 6, 2026

Vendor: Cisco

Source: NVD

Description

The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.

CWE

CWE-119

Affected Products

cisco ios xecisco webex meeting centercisco dx series ip phones firmwarecisco ip phone 7800 series firmwarecisco ip phone 8800 series firmwarecisco unified ip phone 6900 series firmwarecisco unified ip phone 7900 series firmwarecisco unified ip phone 8900 series firmwarecisco unified wireless ip phone 7920 firmwarecisco adaptive security appliance software

References

🔗 tools.cisco.com 🔗 www.debian.org 🔗 www.securitytracker.com 🔗 www.securitytracker.com 🔗 www.securitytracker.com

CVE-2015-6360

Vulnerability Report

Description

CWE

Affected Products

References