CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile
53.2%
Cisco IOS Software contains a memory leak vulnerability that could be triggered through the processing of malformed Session Initiation Protocol (SIP) messages. Exploitation of this vulnerability could cause an interruption of services. Only devices that are configured for SIP inspection are affected by this vulnerability.
Cisco has released software updates that address this vulnerability. There are no workarounds for devices that must run SIP inspection.
This advisory is available at the following link:
Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication.
Individual publication links are in “Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication” at the following link:
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | ios | 12.4mr | cpe:2.3:o:cisco:ios:12.4mr:*:*:*:*:*:*:* |
cisco | ios | 12.4t | cpe:2.3:o:cisco:ios:12.4t:*:*:*:*:*:*:* |
cisco | ios | 12.4md | cpe:2.3:o:cisco:ios:12.4md:*:*:*:*:*:*:* |
cisco | ios | 12.4xz | cpe:2.3:o:cisco:ios:12.4xz:*:*:*:*:*:*:* |
cisco | ios | 12.4xr | cpe:2.3:o:cisco:ios:12.4xr:*:*:*:*:*:*:* |
cisco | ios | 12.4mda | cpe:2.3:o:cisco:ios:12.4mda:*:*:*:*:*:*:* |
cisco | ios | 12.4yg | cpe:2.3:o:cisco:ios:12.4yg:*:*:*:*:*:*:* |
cisco | ios | 15.0m | cpe:2.3:o:cisco:ios:15.0m:*:*:*:*:*:*:* |
cisco | ios | 15.0xa | cpe:2.3:o:cisco:ios:15.0xa:*:*:*:*:*:*:* |
cisco | ios | 15.1t | cpe:2.3:o:cisco:ios:15.1t:*:*:*:*:*:*:* |