Improper input validation in Cisco Asr_5000_series_software
CVE-2015-4273
The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 15.0(912), 15.0(935), and 15.0(938) allows remote attackers to cause a denial of service (Session Manager outage) via malformed fields in an IP pac…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.005 (64.3th percentile) — read the EPSS interpretation.
Affected products
- Cisco Asr_5000_series_software — versions 15.0\(912\), 15.0\(935\), 15.0\(938\)
- N/a — versions n/a
Weakness classification (CWE)
References
- 1032928 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
- 20150714 Cisco Packet Data Network Gateway IP Stack Denial of Service Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)