Vulnerability CVE-2011-3270


Published: 2011-10-03   Modified: 2011-10-04

Description:
Unspecified vulnerability in Cisco IOS 12.2SB before 12.2(33)SB10 and 15.0S before 15.0(1)S3a on Cisco 10000 series routers allows remote attackers to cause a denial of service (device reload) via a sequence of crafted ICMP packets, aka Bug ID CSCtk62453.

Type:

CWE-noinfo

Vendor: Cisco
Product: IOS 
Version:
15.0s
15.0(1)s2
15.0(1)s1
12.2sb
12.2(33)sb9
12.2(33)sb8a
12.2(33)sb8
12.2(33)sb7
12.2(33)sb6
12.2(33)sb5
12.2(33)sb4
12.2(33)sb3
12.2(33)sb2
12.2(33)sb1
12.2(33)sb
12.2(31)sb9
12.2(31)sb8
12.2(31)sb7
12.2(31)sb6
12.2(31)sb5
12.2(31)sb3x
12.2(31)sb3
12.2(31)sb21
12.2(31)sb20
12.2(31)sb2
12.2(31)sb19
12.2(31)sb18
12.2(31)sb17
12.2(31)sb16
12.2(31)sb15
12.2(31)sb14
12.2(31)sb13
12.2(31)sb12
12.2(31)sb11
12.2(31)sb10
12.2(28)sb9
12.2(28)sb8
12.2(28)sb7
12.2(28)sb6
12.2(28)sb5
12.2(28)sb4
12.2(28)sb3
12.2(28)sb2
12.2(28)sb13
12.2(28)sb12
12.2(28)sb11
12.2(28)sb10
12.2(28)sb1
12.2(28)sb
Product: 10008 router 

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete

 References:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d50.shtml
http://tools.cisco.com/security/center/viewAlert.x?alertId=24114

Related CVE
CVE-2017-12372
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing ...
CVE-2017-12371
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing ...
CVE-2017-12370
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing ...
CVE-2017-12369
A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user w...
CVE-2017-12368
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing ...
CVE-2017-12367
A "Cisco WebEx Network Recording Player Denial of Service Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a us...
CVE-2017-12366
A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerability is due to insufficient input validation of some param...
CVE-2017-12365
A vulnerability in Cisco WebEx Event Center could allow an authenticated, remote attacker to view unlisted meeting information. The vulnerability is due to a design flaw in the product. An attacker could execute a query on an Event Center site to vie...

Copyright 2017, cxsecurity.com

 

Back to Top