CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:N/I:N/A:C
EPSS
Percentile
72.1%
A vulnerability in the content scanning module of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a reload of the affected device.
The vulnerability occurs when processing HTTPS packets that need to be redirected to a ScanSafe tower. An attacker could exploit this vulnerability by sending HTTPS packets to be redirected to a ScanSafe tower. An exploit could allow the attacker to cause a reload of the affected device.
Cisco has confirmed the vulnerability in a security notice and released software updates.
To exploit this vulnerability, an attacker may need access to trusted, internal networks in which the targeted device may reside to send HTTPS packets to a targeted device. This access requirement may reduce the likelihood of a successful exploit.