CVE-2003-1398 — Sensitive Information Exposure in Cisco IOS

CWE-200 — Sensitive Information Exposure2 documents2 sources

Severity

9.3CRITICALNVD

EPSS

0.7%

top 27.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS

Timeline

PublishedDec 31

Latest updateApr 29

Description

Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification).

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDcisco/ios12 versions+11

🔴Vulnerability Details

GHSA

GHSA-g5ww-8j5m-f3wq: Cisco IOS 12↗2022-04-29

▶