Lucene search

CiscoCVE-2011-4012

HistoryMay 02, 2012 - 10:09 a.m.

CVE-2011-4012

2012-05-0210:09:21

cisco

web.nvd.nist.gov

cisco

ios

12.0

15.0

15.1

fragment entry

icmpv6

acl

cve-2011-4012

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.002

Percentile

60.1%

JSON

Cisco IOS 12.0, 15.0, and 15.1, when a Policy Feature Card 3C (PFC3C) is used, does not create a fragment entry during processing of an ICMPv6 ACL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtj90091.

Affected configurations

Nvd

Node

ciscoiosMatch12.0

ciscoiosMatch15.0

ciscoiosMatch15.1

VendorProductVersionCPE
ciscoios12.0cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*
ciscoios15.0cpe:2.3:o:cisco:ios:15.0:*:*:*:*:*:*:*
ciscoios15.1cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	12.0	cpe:2.3:o:cisco:ios:12.0:::::::*
cisco	ios	15.0	cpe:2.3:o:cisco:ios:15.0:::::::*
cisco	ios	15.1	cpe:2.3:o:cisco:ios:15.1:::::::*

References

www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXJ.html

www.securitytracker.com/id?1027005

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.002

Percentile

60.1%

JSON

Related for CVE-2011-4012