CVE-2011-4012 — Cisco IOS vulnerability

3 documents3 sources

Severity

9.3CRITICALNVD

EPSS

0.3%

top 43.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS

Timeline

PublishedMay 2

Latest updateMay 17

Description

Cisco IOS 12.0, 15.0, and 15.1, when a Policy Feature Card 3C (PFC3C) is used, does not create a fragment entry during processing of an ICMPv6 ACL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtj90091.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDcisco/ios12.0, 15.0, 15.1+2

🔴Vulnerability Details

GHSA

GHSA-rcm6-ccwh-xh5v: Cisco IOS 12↗2022-05-17

▶

CVEList

CVE-2011-4012: Cisco IOS 12↗2012-05-02

▶