CVE-2012-5017

2014-04-2311:52:59

CWE-20

[email protected]

web.nvd.nist.gov

cve-2012-5017

cisco ios

denial of service

remote authentication

vpn

cve

nvd

security vulnerability

6.5 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

JSON

Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268.

CPE configuration

NVD

ciscoiosRange≤15.1\(1\)sy

ciscoiosMatch15.1

AND

ciscoasr_1001Match-

ciscoasr_1002Match-

ciscoasr_1002-xMatch-

ciscoasr_1002_fixed_routerMatch-

ciscoasr_1004Match-

ciscoasr_1006Match-

ciscoasr_1023_routerMatch-

CPENameOperatorVersion
cisco:ioscisco iosle15.1\(1\)sy
cisco:ioscisco ioseq15.1
cisco:asr_1001cisco asr 1001eq-
cisco:asr_1002cisco asr 1002eq-
cisco:asr_1002-xcisco asr 1002-xeq-
cisco:asr_1002_fixed_routercisco asr 1002 fixed routereq-
cisco:asr_1004cisco asr 1004eq-
cisco:asr_1006cisco asr 1006eq-
cisco:asr_1023_routercisco asr 1023 routereq-

CPE	Name	Operator	Version
cisco:ios	cisco ios	le	15.1\(1\)sy
cisco:ios	cisco ios	eq	15.1
cisco:asr_1001	cisco asr 1001	eq	-
cisco:asr_1002	cisco asr 1002	eq	-
cisco:asr_1002-x	cisco asr 1002-x	eq	-
cisco:asr_1002_fixed_router	cisco asr 1002 fixed router	eq	-
cisco:asr_1004	cisco asr 1004	eq	-
cisco:asr_1006	cisco asr 1006	eq	-
cisco:asr_1023_router	cisco asr 1023 router	eq	-