CVE-2012-4617

EPSS 0.56%
Veröffentlicht 27.09.2012 00:55:00
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

The BGP implementation in Cisco IOS 15.2, IOS XE 3.5.xS before 3.5.2S, and IOS XR 4.1.0 through 4.2.2 allows remote attackers to cause a denial of service (multiple connection resets) by leveraging a peer relationship and sending a malformed attribute, aka Bug IDs CSCtt35379, CSCty58300, CSCtz63248, and CSCtz62914.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Ios Version15.2

Cisco ≫ Ios Xe Version3.5.0s

Cisco ≫ Ios Xe Version3.5.1s

Cisco ≫ Ios Xr Version4.1

Cisco ≫ Ios Xr Version4.1.1

Cisco ≫ Ios Xr Version4.1.2

Cisco ≫ Ios Xr Version4.2.0

Cisco ≫ Ios Xr Version4.2.1

Cisco ≫ Ios Xr Version4.2.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.56%	0.657

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.1	8.6	6.9	AV:N/AC:M/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-bgp

Vendor Advisory

http://www.securityfocus.com/bid/55694

http://www.securitytracker.com/id?1027576

https://nvd.nist.gov/vuln/detail/CVE-2012-4617

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-4617

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-4617

EUVD