PT-2015-1414 · Cisco · Cisco Ios

Published

2015-06-23

Updated

2016-12-28

CVE-2015-4204

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.2

Description The issue is related to resource management errors in the Performance Routing Engine (PRE) module of Cisco IOS. It can be exploited by a remote attacker to cause a denial of service by sending docsIfMCmtsMib SNMP requests. This can lead to memory consumption or a crash of the PXF process.

Recommendations For Cisco IOS version 12.2, consider restricting access to the docsIfMCmtsMib SNMP requests to minimize the risk of exploitation. As a temporary workaround, limit the rate of docsIfMCmtsMib SNMP requests to prevent excessive memory consumption.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

BDU:2015-10509

CVE-2015-4204

Affected Products

Cisco Ios

PT-2015-1414 · Cisco · Cisco Ios

CVE-2015-4204

Weakness Enumeration

Related Identifiers

Affected Products

References · 5