ID
VAR-201507-0505
CVE
CVE-2015-4275
TITLE
Cisco ASR 5000 Runs on device software Packet Data Network Gateway Service disruption in components (DoS) Vulnerabilities
Trust: 0.8
DESCRIPTION
The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 18.0.0.59167 and 18.0.0.59211 allows remote attackers to cause a denial of service via a malformed header in a GTPv2 packet, aka Bug ID CSCut11534. Vendors have confirmed this vulnerability Bug ID CSCut11534 It is released as.By a third party GTPv2 Denial of service via malformed headers in packets (DoS) There is a possibility of being put into a state. The Cisco ASR 5000 Series is a carrier-grade platform for deploying high-demand 3G networks and migrating to Long Term Evolution (LTE). An attacker can exploit this issue to cause the GTPv2 service on an affected device to become unresponsive, resulting in a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCut11534. Cisco ASR 5000 Series is the 5000 series wireless controller products of Cisco (Cisco)
Trust: 2.52
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | cisco | model: | asr 5000 series software | scope: | eq | version: | 18.0.0.59167 | Trust: 2.4 |
| vendor: | cisco | model: | asr 5000 series software | scope: | eq | version: | 18.0.0.59211 | Trust: 2.4 |
| vendor: | cisco | model: | asr 5000 router | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | asr 5500 router | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | asr 5700 router | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | asr series software | scope: | eq | version: | 500018.0 | Trust: 0.6 |
| vendor: | cisco | model: | asr series software | scope: | eq | version: | 500018.0.0.59211 | Trust: 0.3 |
| vendor: | cisco | model: | asr series software | scope: | eq | version: | 500018.0.0.59167 | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-399 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
resource management error
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | 39934 | url: | http://tools.cisco.com/security/center/viewAlert.x?alertId=39934 | Trust: 0.8 |
| title: | Cisco ASR 5000 Router GTPv2 Input Verification Denial of Service Vulnerability Patch | url: | https://www.cnvd.org.cn/patchInfo/show/61248 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2015-4275 | Trust: 3.4 |
| db: | SECTRACK | id: | 1032984 | Trust: 1.1 |
| db: | BID | id: | 75909 | Trust: 1.0 |
| db: | JVNDB | id: | JVNDB-2015-003855 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201507-633 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2015-04959 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-82236 | Trust: 0.1 |
REFERENCES
| url: | http://tools.cisco.com/security/center/viewalert.x?alertid=39934 | Trust: 2.6 |
| url: | http://www.securitytracker.com/id/1032984 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4275 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4275 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
CREDITS
Cisco
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2015-04959 |
| db: | VULHUB | id: | VHN-82236 |
| db: | BID | id: | 75909 |
| db: | JVNDB | id: | JVNDB-2015-003855 |
| db: | CNNVD | id: | CNNVD-201507-633 |
| db: | NVD | id: | CVE-2015-4275 |
LAST UPDATE DATE
2025-04-13T23:25:13.501000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2015-04959 | date: | 2015-07-29T00:00:00 |
| db: | VULHUB | id: | VHN-82236 | date: | 2017-09-22T00:00:00 |
| db: | BID | id: | 75909 | date: | 2015-07-15T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-003855 | date: | 2015-07-22T00:00:00 |
| db: | CNNVD | id: | CNNVD-201507-633 | date: | 2015-07-23T00:00:00 |
| db: | NVD | id: | CVE-2015-4275 | date: | 2025-04-12T10:46:40.837 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2015-04959 | date: | 2015-07-28T00:00:00 |
| db: | VULHUB | id: | VHN-82236 | date: | 2015-07-16T00:00:00 |
| db: | BID | id: | 75909 | date: | 2015-07-15T00:00:00 |
| db: | JVNDB | id: | JVNDB-2015-003855 | date: | 2015-07-22T00:00:00 |
| db: | CNNVD | id: | CNNVD-201507-633 | date: | 2015-07-17T00:00:00 |
| db: | NVD | id: | CVE-2015-4275 | date: | 2015-07-16T19:59:02.007 |