Lucene search

K
nvd[email protected]NVD:CVE-2011-4007
HistoryMay 02, 2012 - 10:09 a.m.

CVE-2011-4007

2012-05-0210:09:21
CWE-20
web.nvd.nist.gov
10
cisco
ios
ios xe
denial of service
vulnerability
remote attackers
network traffic
fragmentation
reassembly
bug id
csctr56576

CVSS2

5.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:N/I:N/A:C

AI Score

6.7

Confidence

High

EPSS

0.002

Percentile

58.5%

Cisco IOS 15.0 and 15.1 and IOS XE 3.x do not properly handle the “set mpls experimental imposition” command, which allows remote attackers to cause a denial of service (device crash) via network traffic that triggers (1) fragmentation or (2) reassembly, aka Bug ID CSCtr56576.

Affected configurations

Nvd
Node
ciscoiosMatch15.0
OR
ciscoiosMatch15.1
OR
ciscoios_xeMatch3.1.0s
OR
ciscoios_xeMatch3.1.0sg
OR
ciscoios_xeMatch3.1.1s
OR
ciscoios_xeMatch3.1.1sg
OR
ciscoios_xeMatch3.1.2s
OR
ciscoios_xeMatch3.1.3s
OR
ciscoios_xeMatch3.1.4s
OR
ciscoios_xeMatch3.2.0s
OR
ciscoios_xeMatch3.2.0sg
OR
ciscoios_xeMatch3.2.1s
OR
ciscoios_xeMatch3.2.1sg
OR
ciscoios_xeMatch3.2.2s
OR
ciscoios_xeMatch3.3.0s
OR
ciscoios_xeMatch3.3.1s
OR
ciscoios_xeMatch3.3.2s
OR
ciscoios_xeMatch3.3.3s
OR
ciscoios_xeMatch3.4.0s
OR
ciscoios_xeMatch3.4.1s
OR
ciscoios_xeMatch3.5.0s
VendorProductVersionCPE
ciscoios15.0cpe:2.3:o:cisco:ios:15.0:*:*:*:*:*:*:*
ciscoios15.1cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*
ciscoios_xe3.1.0scpe:2.3:o:cisco:ios_xe:3.1.0s:*:*:*:*:*:*:*
ciscoios_xe3.1.0sgcpe:2.3:o:cisco:ios_xe:3.1.0sg:*:*:*:*:*:*:*
ciscoios_xe3.1.1scpe:2.3:o:cisco:ios_xe:3.1.1s:*:*:*:*:*:*:*
ciscoios_xe3.1.1sgcpe:2.3:o:cisco:ios_xe:3.1.1sg:*:*:*:*:*:*:*
ciscoios_xe3.1.2scpe:2.3:o:cisco:ios_xe:3.1.2s:*:*:*:*:*:*:*
ciscoios_xe3.1.3scpe:2.3:o:cisco:ios_xe:3.1.3s:*:*:*:*:*:*:*
ciscoios_xe3.1.4scpe:2.3:o:cisco:ios_xe:3.1.4s:*:*:*:*:*:*:*
ciscoios_xe3.2.0scpe:2.3:o:cisco:ios_xe:3.2.0s:*:*:*:*:*:*:*
Rows per page:
1-10 of 211

CVSS2

5.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:N/I:N/A:C

AI Score

6.7

Confidence

High

EPSS

0.002

Percentile

58.5%

Related for NVD:CVE-2011-4007