Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0041

CWE-3994 documents4 sources

Severity

7.8HIGH

EPSS

12.2%

top 6.18%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Cisco Catos

Timeline

PublishedFeb 16

Latest updateApr 30

Description

Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/catos40 versions+39

Patches

Patch: www.cisco.com ↗Patch: www.securityfocus.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-w3j9-383p-8723: Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet↗2022-04-30

▶

CVEList

CVE-2001-0041: Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet↗2001-05-07

▶

💥Exploits & PoCs

Exploit-DB

Cisco Catalyst 4000 4.x/5.x / Catalyst 5000 4.5/5.x / Catalyst 6000 5.x - Memory Leak Denial of Service↗2000-12-06

▶