CVE-2010-2836 — Cisco IOS vulnerability

Vendor	Product	Version range	Fixed in
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—

Cisco

Cisco IOS SSL VPN Vulnerability

vendor_cisco·2010-09-22·CVSS 7.8

CVE-2010-2836 [HIGH] CWE-399 Cisco IOS SSL VPN Vulnerability Cisco IOS SSL VPN Vulnerability Cisco IOS® Software contains a vulnerability when the Cisco IOS SSL VPN feature is configured with an HTTP redirect. Exploitation could allow a remote, unauthenticated user to cause a memory leak on the affected devices, that could result in a memory exhaustion condition that may cause device reloads, the inability to service new TCP connections, and other denial of service (DoS) conditions. Cisco has released software updates that address this vulnerability. There is a workaround to mitigate this vulnerability. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20100922-sslvpn. Note: The September 22, 2010, Cisco IOS Software Security Advisory bundled publication includes six Cisco Security A

Cisco

Cisco IOS SSL VPN Vulnerability

vendor_cisco

CVE-2010-2836 Cisco IOS SSL VPN Vulnerability CVE-2010-2836: Cisco IOS SSL VPN Vulnerability Cisco IOS® Software contains a vulnerability when the Cisco IOS SSL VPN feature is configured with an HTTP redirect. Exploitation could allow a remote, unauthenticated user to cause a memory leak on the affected devices, that could result in a memory exhaustion condition that may cause device reloads, the inability to service new TCP connections, and other denial of service (DoS) conditions. Cisco has released software updates that address this vulnerability. There is a workaround to mitigate this vulnerability. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20100922-sslvpn . Note: The September 22, 2010, Cisco IOS Software Security Advisory bundled publication includes six Cis

GHSA

GHSA-7m26-wxj8-3cqr: Memory leak in the SSL VPN feature in Cisco IOS 12

ghsa_unreviewed·2022-05-17

CVE-2010-2836 [HIGH] GHSA-7m26-wxj8-3cqr: Memory leak in the SSL VPN feature in Cisco IOS 12 Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections that remain in the CLOSE-WAIT state, aka Bug ID CSCtg21685.

CVE-2010-2836: Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of…

Affected