CVE-2015-4205
Severity Score
5.7
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (NPU chip reset or line-card reload) by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959.
Cisco IOS XR 5.3.1 en los dispositivos ASR 9000 permite a atacantes remotos causar una denegación de servicio (restablecimiento del chip NPU o recarga de tarjeta de línea) mediante el envío de tramas manipuladas de PAUSE en el control de flujo de IEEE 802.3x en la red local, también conocido como Bug ID CSCut19959.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-06-04 CVE Reserved
- 2015-06-23 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/75352 | Third Party Advisory | |
| http://www.securitytracker.com/id/1032691 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39455 | 2016-12-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 5.3.1 Search vendor "Cisco" for product "Ios Xr" and version "5.3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9001 Search vendor "Cisco" for product "Asr 9001" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 5.3.1 Search vendor "Cisco" for product "Ios Xr" and version "5.3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9006 Search vendor "Cisco" for product "Asr 9006" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 5.3.1 Search vendor "Cisco" for product "Ios Xr" and version "5.3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9010 Search vendor "Cisco" for product "Asr 9010" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 5.3.1 Search vendor "Cisco" for product "Ios Xr" and version "5.3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9904 Search vendor "Cisco" for product "Asr 9904" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 5.3.1 Search vendor "Cisco" for product "Ios Xr" and version "5.3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9912 Search vendor "Cisco" for product "Asr 9912" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Ios Xr Search vendor "Cisco" for product "Ios Xr" | 5.3.1 Search vendor "Cisco" for product "Ios Xr" and version "5.3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 9922 Search vendor "Cisco" for product "Asr 9922" | - | - |
Safe
|