CVE-2008-2060

CWE-16 CWE-3994 documents4 sources

Severity

7.8HIGH

EPSS

0.7%

top 28.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Intrusion Prevention System

Timeline

PublishedJun 18

Latest updateMay 1

Description

Unspecified vulnerability in Cisco Intrusion Prevention System (IPS) 5.x before 5.1(8)E2 and 6.x before 6.0(5)E2, when inline mode and jumbo Ethernet support are enabled, allows remote attackers to cause a denial of service (panic), and possibly bypass intended restrictions on network traffic, via a "specific series of jumbo Ethernet frames."

CVSS vector

AV:N/AC:M/C:P/I:N/A:CExploitability: 8.6 | Impact: 7.8

Affected Packages1 packages

▶NVDcisco/intrusion_prevention_system5.1, 6.0+1

Patches

Patch: www.cisco.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-vjff-mhv7-25px: Unspecified vulnerability in Cisco Intrusion Prevention System (IPS) 5↗2022-05-01

▶

CVEList

CVE-2008-2060: Unspecified vulnerability in Cisco Intrusion Prevention System (IPS) 5↗2008-06-18

▶

📋Vendor Advisories

Cisco

Cisco Intrusion Prevention System Jumbo Frame Denial of Service↗2008-06-18

▶