CVE-2010-0576 — Cisco IOS vulnerability

CWE-3994 documents4 sources

Severity

7.8HIGHNVD

EPSS

1.7%

top 17.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS Cisco IOS XE Cisco IOS XR

Timeline

PublishedMar 25

Latest updateMay 2

Description

Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or process restart) via a crafted LDP packet, aka Bug IDs CSCsz45567 and CSCsj25893.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages3 packages

▶NVDcisco/ios168 versions+167

▶NVDcisco/ios_xe2.1, 2.2, 2.3+2

▶NVDcisco/ios_xr15 versions+14

Patches

Patch: www.cisco.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-jchr-vxfj-2cxw: Unspecified vulnerability in Cisco IOS 12↗2022-05-02

▶

CVEList

CVE-2010-0576: Unspecified vulnerability in Cisco IOS 12↗2010-03-25

▶

📋Vendor Advisories

Cisco

Cisco IOS Software Multiprotocol Label Switching Packet Vulnerability↗2010-03-24

▶