Lucene search

CiscoCVE-2012-1315

HistoryMar 29, 2012 - 11:01 a.m.

CVE-2012-1315

2012-03-2911:01:16

CWE-399

cisco

web.nvd.nist.gov

cisco

ios

zone-based firewall

denial of service

memory leak

sip traffic

vulnerability

cve-2012-1315

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.019

Percentile

88.6%

JSON

Memory leak in the SIP inspection feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted transit SIP traffic, aka Bug ID CSCti46171.

Affected configurations

Nvd

Node

ciscoiosMatch12.4

ciscoiosMatch15.0

ciscoiosMatch15.1

ciscoiosMatch15.2

VendorProductVersionCPE
ciscoios12.4cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*
ciscoios15.0cpe:2.3:o:cisco:ios:15.0:*:*:*:*:*:*:*
ciscoios15.1cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*
ciscoios15.2cpe:2.3:o:cisco:ios:15.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	12.4	cpe:2.3:o:cisco:ios:12.4:::::::*
cisco	ios	15.0	cpe:2.3:o:cisco:ios:15.0:::::::*
cisco	ios	15.1	cpe:2.3:o:cisco:ios:15.1:::::::*
cisco	ios	15.2	cpe:2.3:o:cisco:ios:15.2:::::::*

References

osvdb.org/80699

secunia.com/advisories/48608

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-zbfw

www.securityfocus.com/bid/52753

www.securitytracker.com/id?1026861

exchange.xforce.ibmcloud.com/vulnerabilities/74437

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.019

Percentile

88.6%

JSON

Related for CVE-2012-1315