CVE-2012-1366Improper Input Validation in Cisco IOS

CWE-20Improper Input Validation3 documents3 sources
Severity
6.1MEDIUMNVD
EPSS
0.2%
top 60.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedApr 23
Latest updateMay 13

Description

Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.

CVSS vector

AV:A/AC:L/C:N/I:N/A:CExploitability: 6.5 | Impact: 6.9

Affected Packages1 packages

NVDcisco/ios15.1

🔴Vulnerability Details

2
GHSA
GHSA-722r-v4g4-4887: Cisco IOS before 152022-05-13
CVEList
CVE-2012-1366: Cisco IOS before 152014-04-23
CVE-2012-1366 — Improper Input Validation in Cisco IOS | cvebase