CVE-2012-5723Improper Input Validation in Cisco IOS XE

CWE-20Improper Input Validation3 documents3 sources
Severity
6.1MEDIUMNVD
EPSS
0.2%
top 60.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS XE
Timeline
PublishedApr 24
Latest updateMay 13

Description

Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVSS vector

AV:A/AC:L/C:N/I:N/A:CExploitability: 6.5 | Impact: 6.9

Affected Packages1 packages

NVDcisco/ios_xe3.7s\(.1\)+10

🔴Vulnerability Details

2
GHSA
GHSA-q7c6-x96r-hrg8: Cisco ASR 1000 devices with software before 32022-05-13
CVEList
CVE-2012-5723: Cisco ASR 1000 devices with software before 32014-04-24
CVE-2012-5723 — Improper Input Validation in Cisco | cvebase