CVE-2010-0578Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco IOS

CWE-310CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
7.8HIGHNVD
EPSS
1.7%
top 17.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedMar 25
Latest updateMay 2

Description

The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

NVDcisco/ios61 versions+60

Patches

Patch: www.cisco.comPatch: www.cisco.com

🔴Vulnerability Details

2
GHSA
GHSA-m286-23j4-m2p5: The IKE implementation in Cisco IOS 122022-05-02
CVEList
CVE-2010-0578: The IKE implementation in Cisco IOS 122010-03-25

📋Vendor Advisories

1
Cisco
Cisco IOS Software IPsec Vulnerability2010-03-24
CVE-2010-0578 — Cisco IOS vulnerability | cvebase