CVE-2012-0360 — Missing Release of Memory after Effective Lifetime in Cisco IOS

CWE-3993 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.8%

top 26.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS

Timeline

PublishedApr 23

Latest updateMay 4

Description

Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/ios15.1

🔴Vulnerability Details

GHSA

GHSA-r68r-9r7j-m827: Memory leak in Cisco IOS before 15↗2022-05-04

▶

CVEList

CVE-2012-0360: Memory leak in Cisco IOS before 15↗2014-04-23

▶