Vulnerability Description
Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine (PRE) module on uBR10000 devices, when NetFlow and an MPLS IPv6 VPN are configured, allows remote attackers to cause a denial of service (PXF process crash) by sending malformed MPLS 6VPE packets quickly, aka Bug ID CSCud83396.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios | 12.2\(33\)sch |
| Cisco | Ubr10000 Cable Modem Termination System | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39439Vendor Advisory
- http://www.securityfocus.com/bid/75339Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032692Third Party AdvisoryVDB Entry
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39439Vendor Advisory
- http://www.securityfocus.com/bid/75339Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032692Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-4203?
CVE-2015-4203 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine (PRE) module on uBR10000 devices, when NetFlow and an MPLS IPv6 VPN are configured, allows remote attackers to cause a denial of s...
How severe is CVE-2015-4203?
CVE-2015-4203 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-4203?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios, Cisco Ubr10000 Cable Modem Termination System.