CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile
94.1%
Cisco IOS device may crash while processing malformed Secure Sockets Layer (SSL) packets. In order to trigger these vulnerabilities, a malicious client must send malformed packets during the SSL protocol exchange with the vulnerable device.
Successful repeated exploitation of any of these vulnerabilities may lead to a sustained Denial-of-Service (DoS); however, vulnerabilities are not known to compromise either the confidentiality or integrity of the data or the device. These vulnerabilities are not believed to allow an attacker to decrypt any previously encrypted information.
Cisco IOS is affected by the following vulnerabilities:
Processing ClientHello messages, documented as Cisco bug ID CSCsb12598 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCsb12598"] ( registered ["https://sec.cloudapps.cisco.comRPF/register/register.do"] customers only)
Processing ChangeCipherSpec messages, documented as Cisco bug ID CSCsb40304 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCsb40304"] ( registered ["https://sec.cloudapps.cisco.comRPF/register/register.do"] customers only)
Processing Finished messages, documented as Cisco bug ID CSCsd92405 ["https://bst.cloudapps.cisco.com/bugsearch/bug/CSCsd92405"] ( registered ["https://sec.cloudapps.cisco.comRPF/register/register.do"] customers only)
Cisco has made free software available to address these vulnerabilities for affected customers. There are workarounds available to mitigate the effects of these vulnerabilities.
This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070522-SSL [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070522-SSL”]
Note: Another related advisory has been posted with this advisory. This additional advisory also describes a vulnerability related to cryptography that affects Cisco IOS. This related advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070522-crypto [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070522-crypto”]
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | ios | 12.1xi | cpe:2.3:o:cisco:ios:12.1xi:*:*:*:*:*:*:* |
cisco | ios | 12.2b | cpe:2.3:o:cisco:ios:12.2b:*:*:*:*:*:*:* |
cisco | ios | 12.2s | cpe:2.3:o:cisco:ios:12.2s:*:*:*:*:*:*:* |
cisco | ios | 12.2ya | cpe:2.3:o:cisco:ios:12.2ya:*:*:*:*:*:*:* |
cisco | ios | 12.2yc | cpe:2.3:o:cisco:ios:12.2yc:*:*:*:*:*:*:* |
cisco | ios | 12.2yd | cpe:2.3:o:cisco:ios:12.2yd:*:*:*:*:*:*:* |
cisco | ios | 12.0xe | cpe:2.3:o:cisco:ios:12.0xe:*:*:*:*:*:*:* |
cisco | ios | 12.2bc | cpe:2.3:o:cisco:ios:12.2bc:*:*:*:*:*:*:* |
cisco | ios | 12.0xk | cpe:2.3:o:cisco:ios:12.0xk:*:*:*:*:*:*:* |
cisco | ios | 12.1xm | cpe:2.3:o:cisco:ios:12.1xm:*:*:*:*:*:*:* |