Vulnerability in Cisco Asr_5000_series_software

CVE-2015-4275

The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 18.0.0.59167 and 18.0.0.59211 allows remote attackers to cause a denial of service via a malformed header in a GTPv2 packet, aka Bug ID CSCut11534.

EPSS: 0.005 (65.2th percentile) — read the EPSS interpretation.

Affected products

Cisco Asr_5000_series_software — versions 18.0.0.59167, 18.0.0.59211
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

1032984 (vdb-entry, x_refsource_SECTRACK)
20150715 Cisco Packet Data Network Gateway GTPv2 Tunnel Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)