How severe is CVE-2015-0675?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.3 out of 10.

What type of vulnerability is CVE-2015-0675?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2015-0675 - HIGH Severity | CVSS 8.3

Vulnerability Description

The failover ipsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(6), 9.2 before 9.2(3.3), and 9.3 before 9.3(3) does not properly validate failover communication messages, which allows remote attackers to reconfigure an ASA device, and consequently obtain administrative control, by sending crafted UDP packets over the local network to the failover interface, aka Bug ID CSCur21069.

Related Vulnerabilities

CVE-2015-2692

CRITICAL

CVSS:10.0(Critical)

AdBlock before 2.21 allows remote attackers to block arbitrary resources on arbitrary websites and to disable arbitrary blocking filters.

CWE-2842015

CVE-2016-1038

CRITICAL

CVSS:10.0(Critical)

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers...

CWE-2842016

CVE-2016-1041

CRITICAL

CVSS:10.0(Critical)

CWE-2842016

CVE-2016-1044

CRITICAL

CVSS:10.0(Critical)

CWE-2842016

CVE-2016-8938

CRITICAL

CVSS:10.0(Critical)

IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload that would replace code on the server. This code could be executed on the UCD agent machines that host cus...

CWE-2842016

CVE-2017-7928

CRITICAL

CVSS:10.0(Critical)

An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories (SEL) SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The de...

CWE-2842017