VDB
CVE-2015-6321
CVE-2015-6321
PUBLISHED
CVSS 7.800000190734863 HIGH
Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Security Appliance (ESA) devices; before 9.1.0-032, 9.1.1 before 9.1.1-005, and 9.5.x before 9.5.0-025 on Content Security Management Appliance (SMA) devices; and before 7.7.0-725 and 8.x before 8.0.8-113 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets, aka Bug IDs CSCus79774, CSCus79777, and CSCzv95795.
EPSS 0.55% · 68.5th percentile
Risk Scores
CVSS 2.0
7.800000190734863
EPSS Score
0.55%
68.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | content_security_management_appliance | 9.1.0-004, 7.8.0-328, 7.8.1-001 |
| cisco | email_security_appliance | 8.9.1-000, 7.7.1-000, 7.8.0-311 |
| cisco | web_security_appliance | 5.6.0-623, 7.5.0-000, 7.5.0-825 |
| n/a | n/a | n/a |
Exploit Intelligence
- 20151104 Cisco AsyncOS TCP Flood Denial of Service Vulnerability (circl)
- 1034060 (circl)
- 1034061 (circl)
Timeline
- Nov 4, 2015 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 20151104 Cisco AsyncOS TCP Flood Denial of Service Vulnerability vendor-advisory
- 1034060 vdb
- 1034061 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2015-6321 advisory