VAR-201506-0258
Vulnerability from variot - Updated: 2025-04-13 23:42The Gateway General Packet Radio Service Support Node (GGSN) component on Cisco ASR 5000 devices with software 17.2.0.59184 and 18.0.L0.59219 allows remote attackers to cause a denial of service (Session Manager restart) via an invalid TCP/IP header, aka Bug ID CSCut68058. Vendors have confirmed this vulnerability Bug ID CSCut68058 It is released as.Invalid by a third party TCP/IP Service disruption via header (Session Manager Restart ) There is a possibility of being put into a state. The Cisco ASR 5000 Series is a carrier-grade platform for deploying high-demand 3G networks and migrating to Long Term Evolution (LTE). Cisco ASR 5000 Series Software is prone to a denial-of-service vulnerability. Successful exploitation of the issue will cause the device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCut68058
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201506-0258",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "17.2.0.59184"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "18.0.l059219"
},
{
"model": "asr 5000 series software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "18.0.l0.59219"
},
{
"model": "asr 5000 router",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asr devices with software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "500017.2.0.59184"
},
{
"model": "asr devices with software 18.0.l0.59219",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5000"
},
{
"model": "asr series software 18.0.l0.59219",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"model": "asr series software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "500017.2.0.59184"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03988"
},
{
"db": "BID",
"id": "75323"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003227"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-347"
},
{
"db": "NVD",
"id": "CVE-2015-4201"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:asr_5000_series_software",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:asr_5000",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003227"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "75323"
}
],
"trust": 0.3
},
"cve": "CVE-2015-4201",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-4201",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-03988",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-82162",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-4201",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-4201",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-03988",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-347",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-82162",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03988"
},
{
"db": "VULHUB",
"id": "VHN-82162"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003227"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-347"
},
{
"db": "NVD",
"id": "CVE-2015-4201"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Gateway General Packet Radio Service Support Node (GGSN) component on Cisco ASR 5000 devices with software 17.2.0.59184 and 18.0.L0.59219 allows remote attackers to cause a denial of service (Session Manager restart) via an invalid TCP/IP header, aka Bug ID CSCut68058. Vendors have confirmed this vulnerability Bug ID CSCut68058 It is released as.Invalid by a third party TCP/IP Service disruption via header (Session Manager Restart ) There is a possibility of being put into a state. The Cisco ASR 5000 Series is a carrier-grade platform for deploying high-demand 3G networks and migrating to Long Term Evolution (LTE). Cisco ASR 5000 Series Software is prone to a denial-of-service vulnerability. \nSuccessful exploitation of the issue will cause the device to reload, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCut68058",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4201"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003227"
},
{
"db": "CNVD",
"id": "CNVD-2015-03988"
},
{
"db": "BID",
"id": "75323"
},
{
"db": "VULHUB",
"id": "VHN-82162"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-4201",
"trust": 3.4
},
{
"db": "BID",
"id": "75323",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1032677",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003227",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-347",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-03988",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-82162",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03988"
},
{
"db": "VULHUB",
"id": "VHN-82162"
},
{
"db": "BID",
"id": "75323"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003227"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-347"
},
{
"db": "NVD",
"id": "CVE-2015-4201"
}
]
},
"id": "VAR-201506-0258",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03988"
},
{
"db": "VULHUB",
"id": "VHN-82162"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03988"
}
]
},
"last_update_date": "2025-04-13T23:42:04.127000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "39431",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39431"
},
{
"title": "Cisco ASR 5000 Series Router GGSN TCP/IP Handling Denial of Service Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/59984"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03988"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003227"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-82162"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003227"
},
{
"db": "NVD",
"id": "CVE-2015-4201"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39431"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/75323"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032677"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4201"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4201"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03988"
},
{
"db": "VULHUB",
"id": "VHN-82162"
},
{
"db": "BID",
"id": "75323"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003227"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-347"
},
{
"db": "NVD",
"id": "CVE-2015-4201"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-03988"
},
{
"db": "VULHUB",
"id": "VHN-82162"
},
{
"db": "BID",
"id": "75323"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003227"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-347"
},
{
"db": "NVD",
"id": "CVE-2015-4201"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03988"
},
{
"date": "2015-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-82162"
},
{
"date": "2015-06-19T00:00:00",
"db": "BID",
"id": "75323"
},
{
"date": "2015-06-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003227"
},
{
"date": "2015-06-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-347"
},
{
"date": "2015-06-20T10:59:00.077000",
"db": "NVD",
"id": "CVE-2015-4201"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03988"
},
{
"date": "2016-12-28T00:00:00",
"db": "VULHUB",
"id": "VHN-82162"
},
{
"date": "2015-06-19T00:00:00",
"db": "BID",
"id": "75323"
},
{
"date": "2015-06-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003227"
},
{
"date": "2015-06-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-347"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-4201"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-347"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco ASR 5000 Device software Gateway General Packet Radio Service Support Node Service disruption in components (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003227"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-347"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…