Lucene search

CiscoCVELIST:CVE-2018-15464

HistoryJan 11, 2019 - 3:00 p.m.

CVE-2018-15464 Cisco ASR 900 Series Aggregation Services Router Software Denial of Service Vulnerability

2019-01-1115:00:00

CWE-400

cisco

www.cve.org

CVSS3

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

AI Score

5.6

Confidence

High

EPSS

0.001

Percentile

46.7%

JSON

A vulnerability in Cisco 900 Series Aggregation Services Router (ASR) software could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of certain broadcast packets ingress to the device. An attacker could exploit this vulnerability by sending large streams of broadcast packets to an affected device. If successful, an exploit could allow an attacker to impact services running on the device, resulting in a partial DoS condition.

CNA Affected

[
  {
    "product": "Cisco ASR 900 Series Aggregation Services Routers",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

www.securityfocus.com/bid/106550

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-asr900-dos

CVSS3

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

AI Score

5.6

Confidence

High

EPSS

0.001

Percentile

46.7%

JSON

Related for CVELIST:CVE-2018-15464