Описание
The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service (device reload) via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka Bug ID CSCuy87667.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия от 12.0 (включая) до 12.4 (включая)Версия от 15.0 (включая) до 15.6 (включая)Версия от 2.1.0 (включая) до 3.18.0 (включая)
Одно из
cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios_xe:16.2:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.0912
Низкий
7.5 High
CVSS3
7.1 High
CVSS2
Дефекты
CWE-399
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service (device reload) via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka Bug ID CSCuy87667.
EPSS
Процентиль: 92%
0.0912
Низкий
7.5 High
CVSS3
7.1 High
CVSS2
Дефекты
CWE-399