CVE-2010-4684 β€” Improper Input Validation in Cisco IOS

CWE-20 β€” Improper Input Validation3 documents3 sources
Severity
7.1HIGHNVD
EPSS
0.7%
top 28.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedJan 7
Latest updateMay 13

Description

Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, allows remote attackers to cause a denial of service (device crash) via a TFTP copy over IPv6, aka Bug ID CSCtb28877.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

β–ΆNVDcisco/ios< 15.0\(1\)xa1

πŸ”΄Vulnerability Details

2
GHSA
GHSA-773m-r8xm-r4mq: Cisco IOS before 15β†—2022-05-13
β–Ά
CVEList
CVE-2010-4684: Cisco IOS before 15β†—2011-01-07
β–Ά
CVE-2010-4684 β€” Improper Input Validation in Cisco IOS | cvebase