CVE-2009-5038Improper Input Validation in Cisco IOS

CWE-20Improper Input Validation3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.9%
top 25.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedJan 7
Latest updateMay 2

Description

Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a "corrupted magic value," aka Bug ID CSCso05336.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

NVDcisco/ios< 15.0\(1\)xa

🔴Vulnerability Details

2
GHSA
GHSA-p246-42mx-3wpf: Cisco IOS before 152022-05-02
CVEList
CVE-2009-5038: Cisco IOS before 152011-01-07
CVE-2009-5038 — Improper Input Validation in Cisco IOS | cvebase