CVE-2015-4203

EPSS 0.66%
Veröffentlicht 23.06.2015 14:59:01
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine (PRE) module on uBR10000 devices, when NetFlow and an MPLS IPv6 VPN are configured, allows remote attackers to cause a denial of service (PXF process crash) by sending malformed MPLS 6VPE packets quickly, aka Bug ID CSCud83396.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Ios Version12.2sch

Cisco ≫ Ubr10000 Cable Modem Termination System Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.66%	0.701

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.4	4.9	6.9	AV:N/AC:H/Au:N/C:N/I:N/A:C

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

http://www.securitytracker.com/id/1032692

Third Party Advisory

VDB Entry

http://tools.cisco.com/security/center/viewAlert.x?alertId=39439

Vendor Advisory

http://www.securityfocus.com/bid/75339

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2015-4203

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-4203

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-4203

EUVD