CVE-2008-3805Cisco IOS vulnerability

CWE-3997 documents4 sources
Severity
8.5HIGHNVD
EPSS
1.6%
top 18.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedSep 26
Latest updateMay 2

Description

Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3806.

CVSS vector

AV:N/AC:L/C:N/I:P/A:CExploitability: 10.0 | Impact: 7.8

Affected Packages1 packages

NVDcisco/ios17 versions+16

🔴Vulnerability Details

4
GHSA
GHSA-fqgf-h56q-h3fr: Cisco IOS 122022-05-02
GHSA
GHSA-chmv-527h-xmg2: Cisco IOS 122022-05-02
CVEList
CVE-2008-3806: Cisco IOS 122008-09-26
CVEList
CVE-2008-3805: Cisco IOS 122008-09-26

📋Vendor Advisories

1
Cisco
Cisco 10000, uBR10012, uBR7200 Series Devices IPC Vulnerability2008-09-24
CVE-2008-3805 — Cisco IOS vulnerability | cvebase