CVE-2015-4203 — Race Condition in Cisco IOS

CWE-362 — Race Condition4 documents4 sources
Severity
5.4MEDIUMNVD
EPSS
0.7%
top 28.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedJun 23
Latest updateMay 17

Description

Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine (PRE) module on uBR10000 devices, when NetFlow and an MPLS IPv6 VPN are configured, allows remote attackers to cause a denial of service (PXF process crash) by sending malformed MPLS 6VPE packets quickly, aka Bug ID CSCud83396.

CVSS vector

AV:N/AC:H/C:N/I:N/A:CExploitability: 4.9 | Impact: 6.9

Affected Packages1 packages

â–¶NVDcisco/ios12.2\(33\)sch, 12.2sch+1

🔴Vulnerability Details

2
GHSA
GHSA-mfgx-5384-69g8: Race condition in Cisco IOS 12↗2022-05-17
â–¶
CVEList
CVE-2015-4203: Race condition in Cisco IOS 12↗2015-06-23
â–¶

📋Vendor Advisories

1
Cisco
Cisco IOS Software UBR Devices IPv6 VPN Multiprotocol Label Switching Denial of Service Vulnerability↗2015-06-22
â–¶
CVE-2015-4203 — Race Condition in Cisco IOS | cvebase