CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
44.3%
A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to an internal state not being represented correctly in the SSH state machine, which leads to an unexpected behavior. An attacker could exploit this vulnerability by creating an SSH connection to an affected device and using a specific traffic pattern that causes an error condition within that connection. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | ios | 12.2(6)i1 | cpe:2.3:o:cisco:ios:12.2\(6\)i1:*:*:*:*:*:*:* |
cisco | ios | 12.2(58)ex | cpe:2.3:o:cisco:ios:12.2\(58\)ex:*:*:*:*:*:*:* |
cisco | ios | 12.2(58)ey | cpe:2.3:o:cisco:ios:12.2\(58\)ey:*:*:*:*:*:*:* |
cisco | ios | 12.2(58)ey1 | cpe:2.3:o:cisco:ios:12.2\(58\)ey1:*:*:*:*:*:*:* |
cisco | ios | 12.2(58)ey2 | cpe:2.3:o:cisco:ios:12.2\(58\)ey2:*:*:*:*:*:*:* |
cisco | ios | 12.2(58)ez | cpe:2.3:o:cisco:ios:12.2\(58\)ez:*:*:*:*:*:*:* |
cisco | ios | 12.2(58)se | cpe:2.3:o:cisco:ios:12.2\(58\)se:*:*:*:*:*:*:* |
cisco | ios | 12.2(58)se1 | cpe:2.3:o:cisco:ios:12.2\(58\)se1:*:*:*:*:*:*:* |
cisco | ios | 12.2(58)se2 | cpe:2.3:o:cisco:ios:12.2\(58\)se2:*:*:*:*:*:*:* |
cisco | ios | 12.2(60)ez | cpe:2.3:o:cisco:ios:12.2\(60\)ez:*:*:*:*:*:*:* |
[
{
"product": "Cisco IOS 12.2(58)SE",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
]
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
44.3%