CVE-2001-0650Improper Handling of Undefined Parameters in Cisco IOS

CWE-236Improper Handling of Undefined Parameters3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
1.3%
top 20.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedSep 20
Latest updateApr 30

Description

Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/ios12.0+3

Patches

Patch: www.cisco.comPatch: www.kb.cert.orgPatch: www.cisco.com

🔴Vulnerability Details

1
GHSA
GHSA-mqp5-7qvm-xrpr: Cisco devices IOS 122022-04-30

📐Framework References

1
CWE
Improper Handling of Undefined Parameters
CVE-2001-0650 — Cisco IOS vulnerability | cvebase