CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
AI Score
Confidence
High
EPSS
Percentile
77.8%
The TFTP server in Cisco IOS 12.2(44)SQ1, 12.2(33)XN1, 12.4(25e)JAM1, 12.4(25e)JAO5m, 12.4(23)JY, 15.0(2)ED1, 15.0(2)EY3, 15.1(3)SVF4a, and 15.2(2)JB1 and IOS XE 2.5.x, 2.6.x, 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, and 3.5.xS before 3.6.0S; 3.1.xSG, 3.2.xSG, and 3.3.xSG before 3.4.0SG; 3.2.xSE before 3.3.0SE; 3.2.xXO before 3.3.0XO; 3.2.xSQ; 3.3.xSQ; and 3.4.xSQ allows remote attackers to cause a denial of service (device hang or reload) via multiple requests that trigger improper memory management, aka Bug ID CSCts66733.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | ios | 12.2(33)xn1 | cpe:2.3:o:cisco:ios:12.2\(33\)xn1:*:*:*:*:*:*:* |
cisco | ios | 12.2(44)sq1 | cpe:2.3:o:cisco:ios:12.2\(44\)sq1:*:*:*:*:*:*:* |
cisco | ios | 12.4(23)jy | cpe:2.3:o:cisco:ios:12.4\(23\)jy:*:*:*:*:*:*:* |
cisco | ios | 12.4(25e)jam1 | cpe:2.3:o:cisco:ios:12.4\(25e\)jam1:*:*:*:*:*:*:* |
cisco | ios | 12.4(25e)jao5m | cpe:2.3:o:cisco:ios:12.4\(25e\)jao5m:*:*:*:*:*:*:* |
cisco | ios | 15.0(2)ed1 | cpe:2.3:o:cisco:ios:15.0\(2\)ed1:*:*:*:*:*:*:* |
cisco | ios | 15.0(2)ey3 | cpe:2.3:o:cisco:ios:15.0\(2\)ey3:*:*:*:*:*:*:* |
cisco | ios | 15.1(3)svf4a | cpe:2.3:o:cisco:ios:15.1\(3\)svf4a:*:*:*:*:*:*:* |
cisco | ios | 15.2(2)jb1 | cpe:2.3:o:cisco:ios:15.2\(2\)jb1:*:*:*:*:*:*:* |
cisco | ios_xe | 2.5.0 | cpe:2.3:o:cisco:ios_xe:2.5.0:*:*:*:*:*:*:* |