CVE-2012-5044

Severity Score

5.4

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Cisco IOS before 15.3(1)T, when media flow-around is not used, allows remote attackers to cause a denial of service (media loops and stack memory corruption) via VoIP traffic, aka Bug ID CSCub45809.

Cisco IOS anterior a 15.3(1)T, cuando Media Flow-Around no está utilizado, permite a atacantes remotos causar una denegación de servicio (bucles de medios y corrupción de memoria en pila) a través de trafico VoIP, también conocido como Bug ID CSCub45809.

*Credits: N/A

CVSS Scores

NISTv2 5.4

Attack Vector

Network

Attack Complexity

High

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2012-09-21 CVE Reserved
2014-04-23 CVE Published
2023-03-08 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CAPEC

References (1)

URL	Tag	Source
http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				<= 15.2\(2\)t Search vendor "Cisco" for product "Ios" and version " <= 15.2\(2\)t"		-		Affected