CVE-2015-4200

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 15.3S

Description The issue is related to errors in resource management in the Performance Routing Engine (PRE) module of Cisco IOS. It can be exploited by a remote attacker to cause a denial of service by triggering errors during data exchange between devices. Specifically, a memory leak in the IPv6-to-IPv4 functionality allows remote attackers to consume memory, leading to a denial of service.

Recommendations For Cisco IOS version 15.3S, consider restricting access to the Performance Routing Engine (PRE) module to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid triggering errors during CPE negotiation to prevent memory consumption. At the moment, there is no information about a newer version that contains a fix for this vulnerability.