CVE-2010-0584 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco IOS

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.8%
top 25.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedMar 25
Latest updateMay 2

Description

Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Protocol (SCCP) packets, aka Bug ID CSCsy09250.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

â–¶NVDcisco/ios26 versions+25

🔴Vulnerability Details

2
GHSA
GHSA-8j95-63h3-gqvw: Unspecified vulnerability in Cisco IOS 12↗2022-05-02
â–¶
CVEList
CVE-2010-0584: Unspecified vulnerability in Cisco IOS 12↗2010-03-25
â–¶

📋Vendor Advisories

1
Cisco
Cisco IOS Software NAT Skinny Call Control Protocol Vulnerability↗2010-03-24
â–¶
CVE-2010-0584 — Cisco IOS vulnerability | cvebase