The server IKEv1 implementation in Cisco IOS 12.2 up to and including 12.4 and 15.0 up to and including 15.6, IOS XE up to and including 3.18S, IOS XR 4.3.x and 5.0.x up to and including 5.2.x, and PIX prior to 7.0 allows remote malicious users to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco ios |
||
cisco ios xe |
||
cisco ios xr |