CVE-2010-2830Cisco IOS vulnerability

CWE-3994 documents4 sources
Severity
7.1HIGHNVD
EPSS
0.4%
top 39.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco IOSCisco IOS XE
Timeline
PublishedSep 23
Latest updateMay 17

Description

The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and IOS XE 2.5.x before 2.5.2, when PIM is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed IGMP packet, aka Bug ID CSCte14603.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages2 packages

NVDcisco/ios163 versions+162
NVDcisco/ios_xe2.5.0, 2.5.1+1

Patches

Patch: www.cisco.comPatch: www.cisco.com

🔴Vulnerability Details

2
GHSA
GHSA-6qc9-3fv7-cfp2: The IGMPv3 implementation in Cisco IOS 122022-05-17
CVEList
CVE-2010-2830: The IGMPv3 implementation in Cisco IOS 122010-09-23

📋Vendor Advisories

1
Cisco
Cisco IOS Software Internet Group Management Protocol Denial of Service Vulnerability2010-09-22
CVE-2010-2830 — Cisco IOS vulnerability | cvebase