CVE-2012-3950Cisco IOS vulnerability

CWE-3994 documents4 sources
Severity
7.1HIGHNVD
EPSS
0.7%
top 28.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedSep 27
Latest updateMay 17

Description

The Intrusion Prevention System (IPS) feature in Cisco IOS 12.3 through 12.4 and 15.0 through 15.2, in certain configurations of enabled categories and missing signatures, allows remote attackers to cause a denial of service (device reload) via DNS packets, aka Bug ID CSCtw55976.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

NVDcisco/ios291 versions+290

🔴Vulnerability Details

2
GHSA
GHSA-3xcj-9jh4-h55x: The Intrusion Prevention System (IPS) feature in Cisco IOS 122022-05-17
CVEList
CVE-2012-3950: The Intrusion Prevention System (IPS) feature in Cisco IOS 122012-09-27

📋Vendor Advisories

1
Cisco
Cisco IOS Software Intrusion Prevention System Denial of Service Vulnerability2012-09-26
CVE-2012-3950 — Cisco IOS vulnerability | cvebase