CVE-2002-2316

3 documents3 sources
Severity
5.0MEDIUM
EPSS
0.5%
top 32.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Catos
Timeline
PublishedDec 31
Latest updateApr 30

Description

Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive network information by sniffing.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/catos5.5\(5\), 6.3\(5\), 7.1\(2\)+2

🔴Vulnerability Details

2
GHSA
GHSA-89w8-c2hh-36r7: Cisco Catalyst 4000 series switches running CatOS 52022-04-30
CVEList
CVE-2002-2316: Cisco Catalyst 4000 series switches running CatOS 52007-10-26
CVE-2002-2316 (MEDIUM CVSS 5) | Cisco Catalyst 4000 series switches | cvebase.io