CVE-2011-3274Cisco IOS vulnerability

CWE-3995 documents4 sources
Severity
6.1MEDIUMNVD
EPSS
0.7%
top 28.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco IOSCisco IOS XE
Timeline
PublishedOct 3
Latest updateMay 17

Description

Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x through 3.3.x, when an MPLS domain is configured, allows remote attackers to cause a denial of service (device crash) via a crafted IPv6 packet, related to an expired MPLS TTL, aka Bug ID CSCto07919.

CVSS vector

AV:A/AC:L/C:N/I:N/A:CExploitability: 6.5 | Impact: 6.9

Affected Packages2 packages

NVDcisco/ios8 versions+7
NVDcisco/ios_xe29 versions+28

🔴Vulnerability Details

2
GHSA
GHSA-qqhv-wg8r-6hp4: Unspecified vulnerability in Cisco IOS 122022-05-17
CVEList
CVE-2011-3274: Unspecified vulnerability in Cisco IOS 122011-10-03

📋Vendor Advisories

2
Cisco
Cisco IOS Software Crafted IPv6 over MPLS Denial of Service Vulnerability2011-09-28
Cisco
Cisco IOS Software IP Version 6 over Multiprotocol Label Switching Vulnerabilities2011-09-28
CVE-2011-3274 — Cisco IOS vulnerability | cvebase