Lucene search

CiscoCVE-2015-4273

HistoryJul 15, 2015 - 2:59 p.m.

CVE-2015-4273

2015-07-1514:59:02

CWE-20

cisco

web.nvd.nist.gov

packet data network gateway

cisco asr 5000

denial of service

vulnerability

nvd

bug id

cscut38476

cve-2015-4273

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

48.6%

JSON

The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 15.0(912), 15.0(935), and 15.0(938) allows remote attackers to cause a denial of service (Session Manager outage) via malformed fields in an IP packet, aka Bug ID CSCut38476.

Affected configurations

Nvd

Node

ciscoasr_5000_series_softwareMatch15.0\(912\)

ciscoasr_5000_series_softwareMatch15.0\(935\)

ciscoasr_5000_series_softwareMatch15.0\(938\)

VendorProductVersionCPE
ciscoasr_5000_series_software15.0(912)cpe:2.3:a:cisco:asr_5000_series_software:15.0\(912\):*:*:*:*:*:*:*
ciscoasr_5000_series_software15.0(935)cpe:2.3:a:cisco:asr_5000_series_software:15.0\(935\):*:*:*:*:*:*:*
ciscoasr_5000_series_software15.0(938)cpe:2.3:a:cisco:asr_5000_series_software:15.0\(938\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	asr_5000_series_software	15.0(912)	cpe:2.3:a:cisco:asr_5000_series_software:15.0\(912\):::::::*
cisco	asr_5000_series_software	15.0(935)	cpe:2.3:a:cisco:asr_5000_series_software:15.0\(935\):::::::*
cisco	asr_5000_series_software	15.0(938)	cpe:2.3:a:cisco:asr_5000_series_software:15.0\(938\):::::::*

References

tools.cisco.com/security/center/viewAlert.x?alertId=39907

www.securitytracker.com/id/1032928

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

48.6%

JSON

Related for CVE-2015-4273