CVE-2007-0917 — Cisco IOS vulnerability

CWE-3997 documents5 sources

Severity

6.4MEDIUMNVD

EPSS

0.7%

top 28.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS

Timeline

PublishedFeb 14

Latest updateMay 1

Description

The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

▶NVDcisco/ios25 versions+24

🔴Vulnerability Details

GHSA

GHSA-hg22-3fv6-cgm7: The Intrusion Prevention System (IPS) feature for Cisco IOS 12↗2022-05-01

▶

CVEList

CVE-2007-0917: The Intrusion Prevention System (IPS) feature for Cisco IOS 12↗2007-02-14

▶

📋Vendor Advisories

Cisco

Multiple IOS IPS Vulnerabilities↗2007-02-13

▶

💬Community

Bugzilla

CVE-2007-3998 php floating point exception inside wordwrap↗2007-09-04

▶

Bugzilla

CVE-2007-4659 php zend_alter_ini_entry() memory_limit interruption↗2007-09-04

▶

Bugzilla

CVE-2007-3799 php cross-site cookie insertion↗2007-08-03

▶