CVE-2012-4097

EPSS 0.44%
Veröffentlicht 14.10.2013 03:34:54
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

The BGP implementation in Cisco NX-OS does not properly filter segment types in AS paths, which allows remote attackers to cause a denial of service (BGP service reset) via a malformed UPDATE message, aka Bug ID CSCtn13043.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Nx-os Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.44%	0.604

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://osvdb.org/98128

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4097

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2012-4097

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-4097

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-4097

EUVD