Lucene search

[email protected]NVD:CVE-2011-0935

HistoryApr 14, 2011 - 4:55 p.m.

CVE-2011-0935

2011-04-1416:55:01

CWE-310

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

Low

EPSS

0.003

Percentile

71.8%

JSON

The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent permanent caching of certain public keys, which allows remote attackers to bypass authentication and have unspecified other impact by leveraging an IKE peer relationship in which a key was previously valid but later revoked, aka Bug ID CSCth82164, a different vulnerability than CVE-2010-4685.

Affected configurations

Nvd

Node

ciscoiosMatch15.0

ciscoiosMatch15.1

VendorProductVersionCPE
ciscoios15.0cpe:2.3:o:cisco:ios:15.0:*:*:*:*:*:*:*
ciscoios15.1cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	15.0	cpe:2.3:o:cisco:ios:15.0:::::::*
cisco	ios	15.1	cpe:2.3:o:cisco:ios:15.1:::::::*

References

www.cisco.com/en/US/docs/ios/15_1/release/notes/151-2TCAVS.html

www.cisco.com/en/US/docs/ios/15_1s/release/notes/15_1s_caveats_15_1_1s.html

www.securityfocus.com/bid/47407

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

Low

EPSS

0.003

Percentile

71.8%

JSON

Related for NVD:CVE-2011-0935

cve2 prion2 cvelist2 nvd1