Sign-up

ID

VAR-201507-0513


CVE

CVE-2015-4285


TITLE

ASR9k Runs on the device Cisco IOS XR of Local Packet Transport Services Service disruption in implementations (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-003927

DESCRIPTION

The Local Packet Transport Services (LPTS) implementation in Cisco IOS XR 5.1.2, 5.1.3, 5.2.1, and 5.2.2 on ASR9k devices makes incorrect decisions about the opening of TCP and UDP ports during the processing of flow base entries, which allows remote attackers to cause a denial of service (resource consumption) by sending traffic to these ports continuously, aka Bug ID CSCur88273. Vendors have confirmed this vulnerability Bug ID CSCur88273 It is released as.By a third party TCP and UDP Service operation is disrupted by continuously sending traffic to the port. ( Resource consumption ) There is a possibility of being put into a state. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Cisco IOS XR Software for ASR 9000 Series routers is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial of service (DoS) condition. This issue is being tracked by Cisco Bug ID CSCur88273. The vulnerability stems from the fact that the program does not correctly handle the basic flow items, resulting in TCP and UDP ports being opened incorrectly. The following releases are affected: Cisco IOS XR Release 5.1.2, Release 5.1.3, Release 5.2.1, Release 5.2.2

Trust: 2.52

sources: NVD: CVE-2015-4285 // JVNDB: JVNDB-2015-003927 // CNVD: CNVD-2015-05037 // BID: 76002 // VULHUB: VHN-82246

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2015-05037

AFFECTED PRODUCTS

vendor:ciscomodel:ios xrscope:eqversion:5.1.2

Trust: 2.4

vendor:ciscomodel:ios xrscope:eqversion:5.1.3

Trust: 2.4

vendor:ciscomodel:ios xrscope:eqversion:5.2.1

Trust: 2.4

vendor:ciscomodel:ios xrscope:eqversion:5.2.2

Trust: 2.4

vendor:ciscomodel:ios xr softwarescope:eqversion:5.1.2

Trust: 0.9

vendor:ciscomodel:ios xr softwarescope:eqversion:5.1.3

Trust: 0.9

vendor:ciscomodel:ios xr softwarescope:eqversion:5.2.1

Trust: 0.9

vendor:ciscomodel:ios xr softwarescope:eqversion:5.2.2

Trust: 0.9

vendor:ciscomodel:asr 9001 routerscope: - version: -

Trust: 0.8

vendor:ciscomodel:asr 9006 routerscope: - version: -

Trust: 0.8

vendor:ciscomodel:asr 9010 routerscope: - version: -

Trust: 0.8

vendor:ciscomodel:asr 9904 routerscope: - version: -

Trust: 0.8

vendor:ciscomodel:asr 9912 routerscope: - version: -

Trust: 0.8

vendor:ciscomodel:asr 9922 routerscope: - version: -

Trust: 0.8

sources: CNVD: CNVD-2015-05037 // BID: 76002 // JVNDB: JVNDB-2015-003927 // CNNVD: CNNVD-201507-750 // NVD: CVE-2015-4285

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-4285
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-4285
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2015-05037
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201507-750
value: MEDIUM

Trust: 0.6

VULHUB: VHN-82246
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-4285
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2015-05037
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-82246
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2015-05037 // VULHUB: VHN-82246 // JVNDB: JVNDB-2015-003927 // CNNVD: CNNVD-201507-750 // NVD: CVE-2015-4285

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-82246 // JVNDB: JVNDB-2015-003927 // NVD: CVE-2015-4285

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201507-750

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201507-750

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-003927

PATCH
title:40068url:http://tools.cisco.com/security/center/viewAlert.x?alertId=40068
Trust: 0.8
title:Patch for Cisco ASR9k IOS XR Local Packet Transport Services Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/61712
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2015-05037 // 
            
            
            
            JVNDB: JVNDB-2015-003927

EXTERNAL IDS
db:NVDid:CVE-2015-4285
Trust: 3.4
db:SECTRACKid:1033043
Trust: 1.1
db:BIDid:76002
Trust: 1.0
db:JVNDBid:JVNDB-2015-003927
Trust: 0.8
db:CNNVDid:CNNVD-201507-750
Trust: 0.7
db:CNVDid:CNVD-2015-05037
Trust: 0.6
db:VULHUBid:VHN-82246
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2015-05037 // 
            
            
            
            VULHUB: VHN-82246 // 
            
            
            
            BID: 76002 // 
            
            
            
            JVNDB: JVNDB-2015-003927 // 
            
            
            
            CNNVD: CNNVD-201507-750 // 
            
            
            
            NVD: CVE-2015-4285

REFERENCES
url:http://tools.cisco.com/security/center/viewalert.x?alertid=40068
Trust: 2.6
url:http://www.securitytracker.com/id/1033043
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4285
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4285
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2015-05037 // 
            
            
            
            VULHUB: VHN-82246 // 
            
            
            
            BID: 76002 // 
            
            
            
            JVNDB: JVNDB-2015-003927 // 
            
            
            
            CNNVD: CNNVD-201507-750 // 
            
            
            
            NVD: CVE-2015-4285

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 76002

SOURCES
db:CNVDid:CNVD-2015-05037
db:VULHUBid:VHN-82246
db:BIDid:76002
db:JVNDBid:JVNDB-2015-003927
db:CNNVDid:CNNVD-201507-750
db:NVDid:CVE-2015-4285

LAST UPDATE DATE
2024-11-23T23:05:38.643000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2015-05037date:2015-07-30T00:00:00
db:VULHUBid:VHN-82246date:2015-09-03T00:00:00
db:BIDid:76002date:2015-07-22T00:00:00
db:JVNDBid:JVNDB-2015-003927date:2015-07-27T00:00:00
db:CNNVDid:CNNVD-201507-750date:2015-07-30T00:00:00
db:NVDid:CVE-2015-4285date:2024-11-21T02:30:46.097

SOURCES RELEASE DATE
db:CNVDid:CNVD-2015-05037date:2015-07-30T00:00:00
db:VULHUBid:VHN-82246date:2015-07-23T00:00:00
db:BIDid:76002date:2015-07-22T00:00:00
db:JVNDBid:JVNDB-2015-003927date:2015-07-27T00:00:00
db:CNNVDid:CNNVD-201507-750date:2015-07-24T00:00:00
db:NVDid:CVE-2015-4285date:2015-07-23T14:59:00.067