CVE-2015-6359

Name of the Vulnerable Software and Affected Versions Cisco IOS version 15.3(3)S0.1

Description The issue is related to the Neighbor Discovery (ND) protocol implementation in the IPv6 stack, which mishandles internal tables. This allows remote attackers to cause a denial of service, such as memory consumption or device crash, via a flood of crafted ND messages. An attacker could exploit this by sending multiple ND messages to an affected device, depleting its available memory and possibly causing it to crash.

Recommendations For Cisco IOS version 15.3(3)S0.1, update to a newer version that addresses this issue. As a temporary workaround, consider restricting access to the ND protocol handling to minimize the risk of exploitation. Avoid using the affected IPv6 stack until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability, but Cisco has released software updates that address these vulnerabilities.