CVE-2008-3812

2008-09-2616:21:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

#cisco

ios

firewall

aic

http

deep packet inspection

denial of service

cve-2008-3812

nvd

6.7 Medium

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.013 Low

EPSS

Percentile

86.1%

JSON

Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet.

CPENameOperatorVersion
cisco:ioscisco ioseq12.4t
cisco:ioscisco ioseq12.4xj
cisco:ioscisco ioseq12.4xv
cisco:ioscisco ioseq12.4xw
cisco:ioscisco ioseq12.4xk
cisco:ioscisco ioseq12.4xe

CPE	Name	Operator	Version
cisco:ios	cisco ios	eq	12.4t
cisco:ios	cisco ios	eq	12.4xj
cisco:ios	cisco ios	eq	12.4xv
cisco:ios	cisco ios	eq	12.4xw
cisco:ios	cisco ios	eq	12.4xk
cisco:ios	cisco ios	eq	12.4xe