Code injection

2013-04-1110:55:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.6%

JSON

Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers (ASR), when bridge domain interface (BDI) is enabled, allows remote attackers to cause a denial of service (card reload) via packets that are not properly handled during the processing of encapsulation, aka Bug ID CSCtt11558.

CPENameOperatorVersion
ios_xeeq3.2.0-xo.15.2-xo
ios_xeeq3.2.115
ios_xeeq3.2.0-sg
ios_xeeq3.2.0-xo
ios_xeeq3.2.1115
ios_xeeq3.2.1-sg
ios_xeeq3.2.2115
ios_xeeq3.2.2-sg
ios_xeeq3.2.3-sg
ios_xeeq3.2.4-sg

Name	Operator	Version
ios_xe	eq	3.2.0-xo.15.2-xo
ios_xe	eq	3.2.115
ios_xe	eq	3.2.0-sg
ios_xe	eq	3.2.0-xo
ios_xe	eq	3.2.1115
ios_xe	eq	3.2.1-sg
ios_xe	eq	3.2.2115
ios_xe	eq	3.2.2-sg
ios_xe	eq	3.2.3-sg
ios_xe	eq	3.2.4-sg