6.8 Medium
AI Score
Confidence
High
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
49.0%
A vulnerability in the Internet Group Management Protocol (IGMP)
version 3 implementation of Cisco IOS® Software and Cisco IOS XE Software
allows a remote unauthenticated attacker to cause a reload of an affected
device. Repeated attempts to exploit this vulnerability could result in a
sustained denial of service (DoS) condition. Cisco has released free software
updates that address this vulnerability.
This advisory is posted at
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20100922-igmp[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20100922-igmp”].
Note: The September 22, 2010, Cisco IOS Software
Security Advisory bundled publication includes six Cisco Security Advisories.
Five of the advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses vulnerabilities in Cisco Unified Communications Manager.
Each advisory lists the releases that correct the vulnerability or
vulnerabilities detailed in the advisory. The table at the following URL lists
releases that correct all Cisco IOS Software vulnerabilities that have been
published on September 22, 2010, or earlier:
Individual publication links are in “Cisco Event Response:
Semiannual Cisco IOS Software Security Advisory Bundled Publication” at the
following link: