CVE-2012-1314 - The WAAS Express feature in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of ser

CVE-2012-1314

Summary

The WAAS Express feature in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted transit traffic, aka Bug ID CSCtt45381.

References

http://osvdb.org/80702
http://secunia.com/advisories/48595
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-mace
http://www.securityfocus.com/bid/52751
http://www.securitytracker.com/id?1026862
https://exchange.xforce.ibmcloud.com/vulnerabilities/74428

Vulnerable Configurations

cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.2:*:*:*:*:*:*:*

CVSS

Base:	7.8 (as of 29-12-2017 - 02:29)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:C

refmap via4

bid	52751
cisco	20120328 Multiple Vulnerabilities in Cisco IOS Software Traffic Optimization Features
osvdb	80702
sectrack	1026862
secunia	48595
xf	ciscoios-waas-dos(74428)

Last major update

29-12-2017 - 02:29

Published

29-03-2012 - 11:01

Last modified

29-12-2017 - 02:29