Main Vulnerability Database Exploits ID:6329 - Exploit for Information disclosure in Cisco Systems, Inc products - CVE-2016-6415

ID:6329 - Exploit for Information disclosure in Cisco Systems, Inc products - CVE-2016-6415

Published: June 17, 2021

Vulnerability identifier: #VU532

Vulnerability risk: High

CVE-ID: CVE-2016-6415

CWE-ID: CWE-200

Exploitation vector: Remote access

Vulnerable software:
Cisco IOS
Cisco IOS XR
Cisco IOS XE

Link to public exploit:

https://www.exploit-db.com/exploits/43383/

Vulnerability description

The vulnerability allows a remote user to access potentially sensitive information on the target system.

The weakness exists due to insufficient checks of IKE packats when handling ISAKMP requests. By sending specially crafted IKEv1 packets to the IKE service via IPv4 or IPv6 a malicious user can obtain memory contents.

Successful exploitation of the vulnerability leads to confidential information disclosure on the vulnerable system.

Note: this vulnerability was being actively exploited in the wild. It was disclosed as part of Equation Group Leak and is reffered as BENIGNCERTAIN exploit.

Remediation

Update to version 5.3.x.

ID:6329 - Exploit for Information disclosure in Cisco Systems, Inc products - CVE-2016-6415

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human