CVE-2018-15464 Information

Description

A vulnerability in Cisco 900 Series Aggregation Services Router (ASR) software could allow an unauthenticated remote attacker to cause a partial denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of certain broadcast packets ingress to the device. An attacker could exploit this vulnerability by sending large streams of broadcast packets to an affected device. If successful an exploit could allow an attacker to impact services running on the device resulting in a partial DoS condition.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Reference

http://www.securityfocus.com/bid/106550 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-asr900-dos

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

LOW

Base Severity

5.8