Code injection

2015-03-2610:59:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.2%

JSON

The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741.

CPENameOperatorVersion
ios_xeeq3.11.1152
ios_xeeq3.2.1150
ios_xeeq3.1.1150
ios_xeeq3.1.1152
ios_xeeq3.7.1156
ios_xeeq3.7.1151
ios_xeeq3.7.1153
ios_xeeq3.7.1152
ios_xeeq3.10.115097
ios_xeeq3.3.1151

Name	Operator	Version
ios_xe	eq	3.11.1152
ios_xe	eq	3.2.1150
ios_xe	eq	3.1.1150
ios_xe	eq	3.1.1152
ios_xe	eq	3.7.1156
ios_xe	eq	3.7.1151
ios_xe	eq	3.7.1153
ios_xe	eq	3.7.1152
ios_xe	eq	3.10.115097
ios_xe	eq	3.3.1151