Vulnerability Details : CVE-2015-4285
The Local Packet Transport Services (LPTS) implementation in Cisco IOS XR 5.1.2, 5.1.3, 5.2.1, and 5.2.2 on ASR9k devices makes incorrect decisions about the opening of TCP and UDP ports during the processing of flow base entries, which allows remote attackers to cause a denial of service (resource consumption) by sending traffic to these ports continuously, aka Bug ID CSCur88273.
Vulnerability category: Denial of service
Products affected by CVE-2015-4285
- cpe:2.3:o:cisco:ios_xr:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:5.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:5.1.3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-4285
0.19%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 55 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-4285
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2015-4285
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-4285
-
http://tools.cisco.com/security/center/viewAlert.x?alertId=40068
Cisco IOS XR LPTS Network Stack Remote Denial of Service VulnerabilityVendor Advisory
-
http://www.securitytracker.com/id/1033043
Cisco ASR 9000 Series Router IOS XR LPTS Network Stack Lets Remote Users Consume Excessive CPU Resources on the Target System - SecurityTracker
Jump to