CVE-2012-1311Cisco IOS vulnerability

CWE-3995 documents5 sources
Severity
7.8HIGHNVD
EPSS
2.1%
top 15.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco IOSCisco IOS XE
Timeline
PublishedMar 29
Latest updateMay 14

Description

The RSVP feature in Cisco IOS 15.0 and 15.1 and IOS XE 3.2.xS through 3.4.xS before 3.4.2S, when a VRF interface is configured, allows remote attackers to cause a denial of service (interface queue wedge and service outage) via crafted RSVP packets, aka Bug ID CSCts80643.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

NVDcisco/ios15.0, 15.1+1
NVDcisco/ios_xe5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-4wp8-c9m8-94qj: The RSVP feature in Cisco IOS 152022-05-14
CVEList
CVE-2012-1311: The RSVP feature in Cisco IOS 152012-03-29

💥Exploits & PoCs

1
Exploit-DB
Dell OpenManage Server Administrator - Cross-Site Scripting2013-01-09

📋Vendor Advisories

1
Cisco
Cisco IOS Software RSVP Denial of Service Vulnerability2012-03-28
CVE-2012-1311 — Cisco IOS vulnerability | cvebase