CVE-2011-2059Sensitive Information Exposure in Cisco IOS

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.2%
top 55.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedOct 22
Latest updateMay 13

Description

The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension header (EH) with a 0x0c01050c value in the PadN option data, aka Bug ID CSCtq02219.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/ios< 15.1\(4\)m1.3

🔴Vulnerability Details

2
GHSA
GHSA-fgw3-96vm-6v7m: The ipv6 component in Cisco IOS before 152022-05-13
CVEList
CVE-2011-2059: The ipv6 component in Cisco IOS before 152011-10-22
CVE-2011-2059 — Sensitive Information Exposure in Cisco | cvebase