CVE-2010-4671Uncontrolled Resource Consumption in Cisco IOS

CWE-400Uncontrolled Resource Consumption3 documents3 sources
Severity
7.8HIGHNVD
EPSS
1.6%
top 18.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedJan 7
Latest updateMay 13

Description

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5 allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti33534.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

NVDcisco/ios< 15.0\(1\)xa5

🔴Vulnerability Details

2
GHSA
GHSA-qcfh-5wrf-w2jc: The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 152022-05-13
CVEList
CVE-2010-4671: The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 152011-01-07
CVE-2010-4671 — Uncontrolled Resource Consumption | cvebase