cisco ios CVE-2016-6415 vulnerability in Cisco Products
Published on September 19, 2016

The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN.

Vendor Advisory NVD

Known Exploited Vulnerability

This Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. contains an information disclosure vulnerability in the Internet Key Exchange version 1 (IKEv1) that could allow an attacker to retrieve memory contents. Successful exploitation could allow the attacker to retrieve memory contents, which can lead to information disclosure.

The following remediation steps are recommended / required by June 9, 2023: Apply updates per vendor instructions.

Vulnerability Analysis

CVE-2016-6415 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

What is an Information Disclosure Vulnerability?

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CVE-2016-6415 has been classified to as an Information Disclosure vulnerability or weakness.

Products Associated with CVE-2016-6415

You can be notified by whenever vulnerabilities like CVE-2016-6415 are published in these products:


What versions are vulnerable to CVE-2016-6415?