OpenCVE

The Local Packet Transport Services (LPTS) implementation in Cisco IOS XR 5.1.2, 5.1.3, 5.2.1, and 5.2.2 on ASR9k devices makes incorrect decisions about the opening of TCP and UDP ports during the processing of flow base entries, which allows remote attackers to cause a denial of service (resource consumption) by sending traffic to these ports continuously, aka Bug ID CSCur88273.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Ios Xr

Configuration 1 [-]

OR	cpe:2.3:o:cisco:ios_xr:5.1.2:::::::*
	cpe:2.3:o:cisco:ios_xr:5.1.3:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.1:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.2:::::::*

No data.

References

Link	Providers
http://tools.cisco.com/security/center/viewAlert.x?alertId=40068
http://www.securitytracker.com/id/1033043

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2015-07-23T14:00:00

Updated: 2024-08-06T06:11:12.386Z

Reserved: 2015-06-04T00:00:00

Link: CVE-2015-4285

Vulnrichment

No data.

NVD

Status : Modified

Published: 2015-07-23T14:59:00.067

Modified: 2024-11-21T02:30:46.097

Link: CVE-2015-4285

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-07-22T00:00:00", "descriptions": [{"lang": "en", "value": "The Local Packet Transport Services (LPTS) implementation in Cisco IOS XR 5.1.2, 5.1.3, 5.2.1, and 5.2.2 on ASR9k devices makes incorrect decisions about the opening of TCP and UDP ports during the processing of flow base entries, which allows remote attackers to cause a denial of service (resource consumption) by sending traffic to these ports continuously, aka Bug ID CSCur88273."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-08-14T16:57:05", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20150722 Cisco IOS XR LPTS Network Stack Remote Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40068"}, {"name": "1033043", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1033043"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2015-4285", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Local Packet Transport Services (LPTS) implementation in Cisco IOS XR 5.1.2, 5.1.3, 5.2.1, and 5.2.2 on ASR9k devices makes incorrect decisions about the opening of TCP and UDP ports during the processing of flow base entries, which allows remote attackers to cause a denial of service (resource consumption) by sending traffic to these ports continuously, aka Bug ID CSCur88273."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20150722 Cisco IOS XR LPTS Network Stack Remote Denial of Service Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40068"}, {"name": "1033043", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033043"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T06:11:12.386Z"}, "title": "CVE Program Container", "references": [{"name": "20150722 Cisco IOS XR LPTS Network Stack Remote Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40068"}, {"name": "1033043", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1033043"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2015-4285", "datePublished": "2015-07-23T14:00:00", "dateReserved": "2015-06-04T00:00:00", "dateUpdated": "2024-08-06T06:11:12.386Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xr:5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "61C1B066-9DED-46D7-9DF7-AB55DF01B80F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "53E2D669-70EA-455E-BC9C-E97065502DD1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "95175A2E-14DB-4730-93EA-2291ED7E0DFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "AB5452CA-E4DF-49FD-A677-3F6257F14707", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Local Packet Transport Services (LPTS) implementation in Cisco IOS XR 5.1.2, 5.1.3, 5.2.1, and 5.2.2 on ASR9k devices makes incorrect decisions about the opening of TCP and UDP ports during the processing of flow base entries, which allows remote attackers to cause a denial of service (resource consumption) by sending traffic to these ports continuously, aka Bug ID CSCur88273."}, {"lang": "es", "value": "'Vulnerabilidad en la implementaci\u00f3n del Local Packet Transport Services (LPTS) en los dispositivos Cisco IOS XR 5.1.2, 5.1.3, 5.2.1 y 5.2.2, y en los ASR9k, que toman decisiones incorrectas respecto a la apertura de puertos TCP y UDP durante el procesamiento de entradas de flujo base, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de recursos) enviando continuamente tr\u00e1fico a estos puertos, tambi\u00e9n conocido como ID CSCur88273."}], "id": "CVE-2015-4285", "lastModified": "2024-11-21T02:30:46.097", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-07-23T14:59:00.067", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40068"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id/1033043"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40068"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1033043"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}