Vulnerability Details : CVE-2015-4285
The Local Packet Transport Services (LPTS) implementation in Cisco IOS XR 5.1.2, 5.1.3, 5.2.1, and 5.2.2 on ASR9k devices makes incorrect decisions about the opening of TCP and UDP ports during the processing of flow base entries, which allows remote attackers to cause a denial of service (resource consumption) by sending traffic to these ports continuously, aka Bug ID CSCur88273.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2015-4285
Probability of exploitation activity in the next 30 days: 0.19%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 55 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2015-4285
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2015-4285
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-4285
-
http://tools.cisco.com/security/center/viewAlert.x?alertId=40068
Cisco IOS XR LPTS Network Stack Remote Denial of Service VulnerabilityVendor Advisory
-
http://www.securitytracker.com/id/1033043
Cisco ASR 9000 Series Router IOS XR LPTS Network Stack Lets Remote Users Consume Excessive CPU Resources on the Target System - SecurityTracker
Products affected by CVE-2015-4285
- cpe:2.3:o:cisco:ios_xr:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:5.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:5.1.3:*:*:*:*:*:*:*