CVE-2016-6415CISA KEVEPSS p99.7%

CVE-2016-6415Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability

Cisco / IOS, IOS XR, and IOS XE

Description

Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. contains an information disclosure vulnerability in the Internet Key Exchange version 1 (IKEv1) that could allow an attacker to retrieve memory contents. Successful exploitation could allow the attacker to retrieve memory contents, which can lead to information disclosure.

Scoring

EPSS87.69% probability of exploitation · percentile 99.7% · 2026-06-17T12:03:21Z

CISA KEV entry

Added to KEV: 2023-05-19

(incoming)1

TypeTargetConfidenceTier
KEVEntryCisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerabilitykev-cve-2016-64150%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Cisco IOS and XE Software Internet Key Exchange Memory Leak Vulnerability
CVE
Cisco IOS and XE Software Internet Key Exchange Version 1 Denial-of-Service Vulnerability
CVE
Cisco IOS and IOS XE Software Internet Key Exchange Denial-of-Service Vulnerability
CVE
CVE-2026-20012
CVE
Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
CVE
Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.