All the vulnerabilites related to cisco - ips_4270-20
Vulnerability from fkie_nvd
Published
2012-09-16 10:34
Modified
2024-11-21 01:41
Severity ?
Summary
The updateTime function in sensorApp on Cisco IPS 4200 series sensors 7.0 and 7.1 allows remote attackers to cause a denial of service (process crash and traffic-inspection outage) via network traffic, aka Bug ID CSCta96144.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | intrusion_prevention_system | 7.0 | |
| cisco | intrusion_prevention_system | 7.1 | |
| cisco | ips_4240 | * | |
| cisco | ips_4250_sx | * | |
| cisco | ips_4255 | * | |
| cisco | ips_4260 | * | |
| cisco | ips_4270-20 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:intrusion_prevention_system:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03105E7F-12F8-4497-8A27-BD2F1653FD38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:intrusion_prevention_system:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F03BDC3C-E7F1-41C1-B89C-1DB1D3997DC2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ips_4240:*:*:*:*:*:*:*:*",
"matchCriteriaId": "661A7A3E-09E3-44DA-AEB5-8021BCEF30EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:ips_4250_sx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC8C8063-E6F7-44AB-8FCB-2FDCBE54CBF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:ips_4255:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A2BCB3B-CE33-4B96-A125-8E7001845A5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:ips_4260:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3637DA-60C8-4F15-8906-F67ADA344A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:ips_4270-20:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9F6387E-B7DF-4146-B24F-0D99190FA71B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The updateTime function in sensorApp on Cisco IPS 4200 series sensors 7.0 and 7.1 allows remote attackers to cause a denial of service (process crash and traffic-inspection outage) via network traffic, aka Bug ID CSCta96144."
},
{
"lang": "es",
"value": "La funci\u00f3n updateTime en sensorApp en Cisco IPS serie 4200 sensores v7.0 y v7.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del proceso e inspecci\u00f3n de tr\u00e1fico fuera del rango) a trav\u00e9s de tr\u00e1fico de redes, tambi\u00e9n conocido como Bug ID CSCta96144."
}
],
"id": "CVE-2012-3901",
"lastModified": "2024-11-21T01:41:48.667",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-09-16T10:34:50.940",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/docs/security/ips/7.0/release/notes/22789_01.html"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/docs/security/ips/7.0/release/notes/22789_01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78870"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-09-16 10:34
Modified
2024-11-21 01:41
Severity ?
Summary
sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and process crash, and traffic-inspection outage) via network traffic, aka Bug ID CSCtn23051.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | intrusion_prevention_system | 6.0 | |
| cisco | intrusion_prevention_system | 6.2 | |
| cisco | intrusion_prevention_system | 7.0 | |
| cisco | ips_4240 | * | |
| cisco | ips_4250_sx | * | |
| cisco | ips_4255 | * | |
| cisco | ips_4260 | * | |
| cisco | ips_4270-20 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:intrusion_prevention_system:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B010D14A-7275-454B-B2F8-31EE0D34C24F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:intrusion_prevention_system:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6B235817-21BA-40AF-AC39-7343007ABF55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:intrusion_prevention_system:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03105E7F-12F8-4497-8A27-BD2F1653FD38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ips_4240:*:*:*:*:*:*:*:*",
"matchCriteriaId": "661A7A3E-09E3-44DA-AEB5-8021BCEF30EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:ips_4250_sx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC8C8063-E6F7-44AB-8FCB-2FDCBE54CBF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:ips_4255:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A2BCB3B-CE33-4B96-A125-8E7001845A5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:ips_4260:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3637DA-60C8-4F15-8906-F67ADA344A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:ips_4270-20:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9F6387E-B7DF-4146-B24F-0D99190FA71B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and process crash, and traffic-inspection outage) via network traffic, aka Bug ID CSCtn23051."
},
{
"lang": "es",
"value": "sensorApp en Cisco IPS serie 4200 sensores v6.0, v6.2, y v7.0 no direcciona la memoria de forma adecuada, lo que podr\u00eda permitir a atacantes remotod provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria, ca\u00edda del proceso e inspecci\u00f3n del tr\u00e1fico fuera de rango) a trav\u00e9s del tr\u00e1fico de red, tambi\u00e9n conocido como Bug ID CSCtn23051."
}
],
"id": "CVE-2012-3899",
"lastModified": "2024-11-21T01:41:48.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-09-16T10:34:50.910",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/web/software/282549758/51927/IPS-6_2-4-E4-readme.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/web/software/282549758/51927/IPS-6_2-4-E4-readme.txt"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2012-3901
Vulnerability from cvelistv5
Published
2012-09-16 10:00
Modified
2024-08-06 20:21
Severity ?
EPSS score ?
Summary
The updateTime function in sensorApp on Cisco IPS 4200 series sensors 7.0 and 7.1 allows remote attackers to cause a denial of service (process crash and traffic-inspection outage) via network traffic, aka Bug ID CSCta96144.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/docs/security/ips/7.0/release/notes/22789_01.html | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/78870 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.066Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/docs/security/ips/7.0/release/notes/22789_01.html"
},
{
"name": "cisco-ips-updatetime-dos(78870)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78870"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-08-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The updateTime function in sensorApp on Cisco IPS 4200 series sensors 7.0 and 7.1 allows remote attackers to cause a denial of service (process crash and traffic-inspection outage) via network traffic, aka Bug ID CSCta96144."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cisco.com/en/US/docs/security/ips/7.0/release/notes/22789_01.html"
},
{
"name": "cisco-ips-updatetime-dos(78870)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78870"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3901",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The updateTime function in sensorApp on Cisco IPS 4200 series sensors 7.0 and 7.1 allows remote attackers to cause a denial of service (process crash and traffic-inspection outage) via network traffic, aka Bug ID CSCta96144."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cisco.com/en/US/docs/security/ips/7.0/release/notes/22789_01.html",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/en/US/docs/security/ips/7.0/release/notes/22789_01.html"
},
{
"name": "cisco-ips-updatetime-dos(78870)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78870"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3901",
"datePublished": "2012-09-16T10:00:00",
"dateReserved": "2012-07-10T00:00:00",
"dateUpdated": "2024-08-06T20:21:04.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3899
Vulnerability from cvelistv5
Published
2012-09-16 10:00
Modified
2024-09-17 00:05
Severity ?
EPSS score ?
Summary
sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and process crash, and traffic-inspection outage) via network traffic, aka Bug ID CSCtn23051.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/web/software/282549758/51927/IPS-6_2-4-E4-readme.txt | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:03.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cisco.com/web/software/282549758/51927/IPS-6_2-4-E4-readme.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and process crash, and traffic-inspection outage) via network traffic, aka Bug ID CSCtn23051."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-16T10:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cisco.com/web/software/282549758/51927/IPS-6_2-4-E4-readme.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3899",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and process crash, and traffic-inspection outage) via network traffic, aka Bug ID CSCtn23051."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cisco.com/web/software/282549758/51927/IPS-6_2-4-E4-readme.txt",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/web/software/282549758/51927/IPS-6_2-4-E4-readme.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3899",
"datePublished": "2012-09-16T10:00:00Z",
"dateReserved": "2012-07-10T00:00:00Z",
"dateUpdated": "2024-09-17T00:05:41.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}