Vulnerability CVE-2012-5036

Vulnerability CVE-2012-5036

Published: 2014-04-23

Description:

Cisco IOS before 12.2(50)SY1 allows remote authenticated users to cause a denial of service (memory consumption) via a sequence of VTY management sessions (aka exec sessions), aka Bug ID CSCtn43662.

Type:

CWE-399

(Resource Management Errors)

CVSS2 => (AV:N/AC:L/Au:S/C:N/I:N/A:C)

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.8/10	6.9/10	8/10

Exploit range	Attack complexity	Authentication
Remote	Low	Single time
Confidentiality impact	Integrity impact	Availability impact
None	None	Complete

Affected software
Cisco -> IOS

References:

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SY/release/notes/ol_20679.html

Copyright 2024, cxsecurity.com