CVE-2006-4774 — Cisco IOS vulnerability

CWE-3997 documents4 sources

Severity

7.8HIGHNVD

NVD6.1CNA6.1

EPSS

5.7%

top 9.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS

Timeline

PublishedSep 14

Latest updateMay 1

Description

The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/ios12.1\(19\), 12.1\(22\)ea3+1

Patches

Patch: www.cisco.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-x2rx-8768-8678: Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12↗2022-05-01

▶

GHSA

GHSA-qw2r-x5rp-6wm2: The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12↗2022-05-01

▶

CVEList

CVE-2005-4826: Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12↗2007-01-31

▶

CVEList

CVE-2006-4774: The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12↗2006-09-14

▶

📋Vendor Advisories

Cisco

Cisco IOS VTP Malformed Version Denial of Service Vulnerability↗2006-09-13

▶