7.8
CVE-2012-0385
- EPSS 2.99%
- Veröffentlicht 29.03.2012 11:01:16
- Zuletzt bearbeitet 16.06.2026 23:37:11
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
The Smart Install feature in Cisco IOS 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (device reload) by sending a malformed Smart Install message over TCP, aka Bug ID CSCtt16051.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.99% | 0.856 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://osvdb.org/80694
http://secunia.com/advisories/48610
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-smartinstall
http://www.securityfocus.com/bid/52756
http://www.securitytracker.com/id?1026867
https://exchange.xforce.ibmcloud.com/vulnerabilities/74430