CVE-2011-3279

Severity Score

7.8

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) via a malformed SIP packet to UDP port 5060, aka Bug ID CSCti98219.

La implementación MPLS NAT en Cisco IOS v12.1 hasta v12.4 y v15.0 hasta v15.1, y IOS XE v3.1.xSG, permite a atacantes remotos provocar una denegación de servicio (reinicio del dispositivo) a través de paquetes SIP mal formados en el puesto UDP 5060, también conocido como Bug ID CSCti98219.

*Credits: N/A

CVSS Scores

NISTv2 7.8

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2011-08-29 CVE Reserved
2011-09-28 CVE Published
2023-03-07 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (3)

URL	Tag	Source
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13781	Signature

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://tools.cisco.com/security/center/viewAlert.x?alertId=24121	2022-06-02
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4d.shtml	2022-06-02

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.1.0sg Search vendor "Cisco" for product "Ios Xe" and version "3.1.0sg"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.1.1sg Search vendor "Cisco" for product "Ios Xe" and version "3.1.1sg"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				>= 12.1 <= 12.4 Search vendor "Cisco" for product "Ios" and version " >= 12.1 <= 12.4"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				>= 15.0 <= 15.1 Search vendor "Cisco" for product "Ios" and version " >= 15.0 <= 15.1"		-		Affected