CVE-2015-6429 | Vulnerability Database | Aqua Security

The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236.

Affected Software

Name	Vendor	Start Version	End Version
Ios	Cisco	15.4(3)s (including)	15.4(3)s (including)
Ios	Cisco	15.5(1)s (including)	15.5(1)s (including)
Ios	Cisco	15.5(1)t (including)	15.5(1)t (including)
Ios	Cisco	15.5(2)s (including)	15.5(2)s (including)
Ios	Cisco	15.5(2)t (including)	15.5(2)t (including)
Ios	Cisco	15.5(3)m (including)	15.5(3)m (including)
Ios	Cisco	15.5(3)m1 (including)	15.5(3)m1 (including)
Ios	Cisco	15.5(3)s (including)	15.5(3)s (including)
Ios	Cisco	15.5(3)s1 (including)	15.5(3)s1 (including)
Ios	Cisco	15.6(0.17)t (including)	15.6(0.17)t (including)
Ios	Cisco	15.6(1)t0a (including)	15.6(1)t0a (including)

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios
http://www.securitytracker.com/id/1034505
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios
http://www.securitytracker.com/id/1034505

NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-6429
CWE	https://cwe.mitre.org/data/definitions/19.html