// For flags

CVE-2002-0013

Cisco IOS 11/12 - SNMP Message Denial of Service

Severity Score

10.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available.

Vulnerabilidades en un elevado número de implementaciones SNMP permite que atacantes remotos provoquen una denegación del servicio u obtengan privilegios debido al manejo de los mensajes GetRequest, GetNextRequest y Set Requests de SNMPv1 (como se ha demostrado por medio del suite PROTOS c06-SNMv1).

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2002-01-10 CVE Reserved
  • 2002-02-12 First Exploit
  • 2002-02-13 CVE Published
  • 2024-02-08 EPSS Updated
  • 2024-08-08 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Snmp
Search vendor "Snmp"
Snmp
Search vendor "Snmp" for product "Snmp"
*-
Affected