CVE-2010-4683 — Missing Release of Resource after Effective Lifetime in Cisco IOS

CWE-772 — Missing Release of Resource after Effective Lifetime3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.9%
top 25.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedJan 7
Latest updateMay 13

Description

Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service (memory consumption) by sending a crafted SIP REGISTER message over UDP, aka Bug ID CSCtg41733.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

â–¶NVDcisco/ios< 15.0\(1\)xa5

🔴Vulnerability Details

2
GHSA
GHSA-7f7f-v228-3845: Memory leak in Cisco IOS before 15↗2022-05-13
â–¶
CVEList
CVE-2010-4683: Memory leak in Cisco IOS before 15↗2011-01-07
â–¶
CVE-2010-4683 — Cisco IOS vulnerability | cvebase