Lucene search

[email protected]CVE-2012-5037

HistoryApr 23, 2014 - 11:52 a.m.

CVE-2012-5037

2014-04-2311:52:59

CWE-264

[email protected]

web.nvd.nist.gov

cisco ios

acl

catalyst 6500

catalyst 7600

denial of service

vulnerability

bug id

cscts16133

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:N/I:N/A:C

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.2%

JSON

The ACL implementation in Cisco IOS before 15.1(1)SY on Catalyst 6500 and 7600 devices allows local users to cause a denial of service (device reload) via a “no object-group” command followed by an object-group command, aka Bug ID CSCts16133.

Affected configurations

NVD

Node

ciscoiosRange≤15.1

AND

ciscocatalyst_6500

ciscocatalyst_7600

CPENameOperatorVersion
cisco:ioscisco iosle15.1
cisco:catalyst_6500cisco catalyst 6500eq*
cisco:catalyst_7600cisco catalyst 7600eq*

CPE	Name	Operator	Version
cisco:ios	cisco ios	le	15.1
cisco:catalyst_6500	cisco catalyst 6500	eq	*
cisco:catalyst_7600	cisco catalyst 7600	eq	*

References

www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:N/I:N/A:C

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.2%

JSON

Related for CVE-2012-5037

prion1 cvelist1 nvd1