cvelistv5 - cve-2001-1071

CVE-2001-1071 (GCVE-0-2001-1071)

Vulnerability from cvelistv5 – Published: 2002-06-25 04:00 – Updated: 2024-08-08 04:44

Summary

Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.osvdb.org/1969	vdb-entryx_refsource_OSVDB
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.kb.cert.org/vuls/id/139491	third-party-advisoryx_refsource_CERT-VN
	http://www.securityfocus.com/archive/1/219257	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/3412	vdb-entryx_refsource_BID
	http://www.securityfocus.com/archive/1/219305	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:44:07.007Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1969",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/1969"
          },
          {
            "name": "cisco-ios-cdp-dos(7242)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7242"
          },
          {
            "name": "VU#139491",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/139491"
          },
          {
            "name": "20011009 Cisco CDP attacks",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/219257"
          },
          {
            "name": "3412",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/3412"
          },
          {
            "name": "20011009 Cisco Systems - Vulnerability in CDP",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/219305"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-10-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-03-02T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1969",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/1969"
        },
        {
          "name": "cisco-ios-cdp-dos(7242)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7242"
        },
        {
          "name": "VU#139491",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/139491"
        },
        {
          "name": "20011009 Cisco CDP attacks",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/219257"
        },
        {
          "name": "3412",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/3412"
        },
        {
          "name": "20011009 Cisco Systems - Vulnerability in CDP",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/219305"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1071",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1969",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/1969"
            },
            {
              "name": "cisco-ios-cdp-dos(7242)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7242"
            },
            {
              "name": "VU#139491",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/139491"
            },
            {
              "name": "20011009 Cisco CDP attacks",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/219257"
            },
            {
              "name": "3412",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/3412"
            },
            {
              "name": "20011009 Cisco Systems - Vulnerability in CDP",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/219305"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-1071",
    "datePublished": "2002-06-25T04:00:00",
    "dateReserved": "2002-01-31T00:00:00",
    "dateUpdated": "2024-08-08T04:44:07.007Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82B6315D-7BEF-419F-9B93-3CF669E986D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:11.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8026B11-6144-467F-8094-F4F73CD37526\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:11.3\\\\(11\\\\)b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C7C99C7-ABF5-4581-B3CB-A8B2DCD7A5CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.0\\\\(5.1\\\\)xp:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AEB89FCC-6602-4B41-9BFA-91B0B48827A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.0\\\\(19\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13BB143D-CE87-4B5B-8B41-F641C160624F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:catos:4.5\\\\(1\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3AB1738-A733-4227-B389-650FD7559D7B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.\"}]",
      "id": "CVE-2001-1071",
      "lastModified": "2024-11-20T23:36:48.273",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2001-10-09T04:00:00.000",
      "references": "[{\"url\": \"http://www.kb.cert.org/vuls/id/139491\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.osvdb.org/1969\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/219257\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/219305\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/3412\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/7242\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/139491\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.osvdb.org/1969\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/219257\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/219305\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/3412\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/7242\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2001-1071\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2001-10-09T04:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82B6315D-7BEF-419F-9B93-3CF669E986D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8026B11-6144-467F-8094-F4F73CD37526\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:11.3\\\\(11\\\\)b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C7C99C7-ABF5-4581-B3CB-A8B2DCD7A5CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.0\\\\(5.1\\\\)xp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEB89FCC-6602-4B41-9BFA-91B0B48827A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.0\\\\(19\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13BB143D-CE87-4B5B-8B41-F641C160624F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:catos:4.5\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3AB1738-A733-4227-B389-650FD7559D7B\"}]}]}],\"references\":[{\"url\":\"http://www.kb.cert.org/vuls/id/139491\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/1969\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/219257\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/219305\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/3412\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/7242\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/139491\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.osvdb.org/1969\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/219257\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/219305\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/3412\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/7242\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GHSA-X25R-PMGP-R2RG

Vulnerability from github – Published: 2022-04-30 18:17 – Updated: 2022-04-30 18:17

Details

Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2001-1071"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2001-10-09T04:00:00Z",
    "severity": "MODERATE"
  },
  "details": "Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.",
  "id": "GHSA-x25r-pmgp-r2rg",
  "modified": "2022-04-30T18:17:17Z",
  "published": "2022-04-30T18:17:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2001-1071"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7242"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/139491"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/1969"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/219257"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/219305"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/3412"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-200110-0004

Vulnerability from variot - Updated: 2023-12-18 13:26

Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements. The Cisco IOS contains a denial-of-service vulnerability that allows nearby remote attackers to crash or temporarily disable affected network devices. CDP is implemented with some releases of the Cisco Internet Operating System. It is possible for a host on a local segment of network to cause a Cisco router to become unstable, and potentially stop routing traffic by generating large amounts of CDP traffic. This protocol can not be routed across routers to remote network segments. This could lead to the ceasing of operation of Cisco routers, and a denial of service

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200110-0004",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "12.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "11.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "11.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.0\\(19\\)"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.0\\(5.1\\)xp"
      },
      {
        "model": "catos",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.5\\(1\\)"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "11.3\\(11\\)b"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "12.0.19"
      },
      {
        "model": "ios b",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "11.3.11"
      },
      {
        "model": "ios 12.0 xp",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catos",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.5(1)"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#139491"
      },
      {
        "db": "BID",
        "id": "3412"
      },
      {
        "db": "NVD",
        "id": "CVE-2001-1071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200110-033"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:11.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:11.3\\(11\\)b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.0\\(19\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.0\\(5.1\\)xp:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:catos:4.5\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2001-1071"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "This vulnerability was discovered by FX \u003cfx@phenoelit.de\u003e, and announced via Bugtraq on October 9, 2001.",
    "sources": [
      {
        "db": "BID",
        "id": "3412"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2001-1071",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-3876",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2001-1071",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#139491",
            "trust": 0.8,
            "value": "19.69"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200110-033",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-3876",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#139491"
      },
      {
        "db": "VULHUB",
        "id": "VHN-3876"
      },
      {
        "db": "NVD",
        "id": "CVE-2001-1071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200110-033"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements. The Cisco IOS contains a denial-of-service vulnerability that allows nearby remote attackers to crash or temporarily disable affected network devices. \nCDP is implemented with some releases of the Cisco Internet Operating System.  It is possible for a host on a local segment of network to cause a Cisco router to become unstable, and potentially stop routing traffic by generating large amounts of CDP traffic.  This protocol can not be routed across routers to remote network segments. \nThis could lead to the ceasing of operation of Cisco routers, and a denial of service",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2001-1071"
      },
      {
        "db": "CERT/CC",
        "id": "VU#139491"
      },
      {
        "db": "BID",
        "id": "3412"
      },
      {
        "db": "VULHUB",
        "id": "VHN-3876"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#139491",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "3412",
        "trust": 2.0
      },
      {
        "db": "NVD",
        "id": "CVE-2001-1071",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "1969",
        "trust": 1.7
      },
      {
        "db": "BUGTRAQ",
        "id": "20011009 CISCO SYSTEMS - VULNERABILITY IN CDP",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20011009 CISCO CDP ATTACKS",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "7242",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200110-033",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-3876",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#139491"
      },
      {
        "db": "VULHUB",
        "id": "VHN-3876"
      },
      {
        "db": "BID",
        "id": "3412"
      },
      {
        "db": "NVD",
        "id": "CVE-2001-1071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200110-033"
      }
    ]
  },
  "id": "VAR-200110-0004",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-3876"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:26:12.877000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2001-1071"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/3412"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/archive/1/219257"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/archive/1/219305"
      },
      {
        "trust": 1.7,
        "url": "http://www.kb.cert.org/vuls/id/139491"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/1969"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7242"
      },
      {
        "trust": 0.8,
        "url": "http://www.phenoelit.de/irpas/"
      },
      {
        "trust": 0.8,
        "url": "http://www.phenoelit.de/stuff/ciscocdp.txt"
      },
      {
        "trust": 0.8,
        "url": "http://www.securityfocus.com/archive/82/83299"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/static/7242.php"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#139491"
      },
      {
        "db": "VULHUB",
        "id": "VHN-3876"
      },
      {
        "db": "NVD",
        "id": "CVE-2001-1071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200110-033"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#139491"
      },
      {
        "db": "VULHUB",
        "id": "VHN-3876"
      },
      {
        "db": "BID",
        "id": "3412"
      },
      {
        "db": "NVD",
        "id": "CVE-2001-1071"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200110-033"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2001-10-10T00:00:00",
        "db": "CERT/CC",
        "id": "VU#139491"
      },
      {
        "date": "2001-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-3876"
      },
      {
        "date": "2001-10-09T00:00:00",
        "db": "BID",
        "id": "3412"
      },
      {
        "date": "2001-10-09T04:00:00",
        "db": "NVD",
        "id": "CVE-2001-1071"
      },
      {
        "date": "2001-10-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200110-033"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2001-10-11T00:00:00",
        "db": "CERT/CC",
        "id": "VU#139491"
      },
      {
        "date": "2017-10-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-3876"
      },
      {
        "date": "2001-10-09T00:00:00",
        "db": "BID",
        "id": "3412"
      },
      {
        "date": "2017-10-10T01:29:59.250000",
        "db": "NVD",
        "id": "CVE-2001-1071"
      },
      {
        "date": "2005-05-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200110-033"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200110-033"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS vulnerable to denial of service via Cisco Discovery Protocol",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#139491"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "unknown",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200110-033"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2001-1071

Vulnerability from fkie_nvd - Published: 2001-10-09 04:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.

References

URL	Tags
cve@mitre.org	http://www.kb.cert.org/vuls/id/139491	US Government Resource
cve@mitre.org	http://www.osvdb.org/1969
cve@mitre.org	http://www.securityfocus.com/archive/1/219257	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/219305	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/3412	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/7242
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/139491	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/1969
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/219257	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/219305	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/3412	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/7242

Impacted products

Vendor	Product	Version
cisco	ios	11.1
cisco	ios	11.2
cisco	ios	11.3\(11\)b
cisco	ios	12.0\(5.1\)xp
cisco	ios	12.0\(19\)
cisco	ios	12.1
cisco	catos	4.5\(1\)

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "82B6315D-7BEF-419F-9B93-3CF669E986D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8026B11-6144-467F-8094-F4F73CD37526",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:11.3\\(11\\)b:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C7C99C7-ABF5-4581-B3CB-A8B2DCD7A5CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.0\\(5.1\\)xp:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEB89FCC-6602-4B41-9BFA-91B0B48827A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.0\\(19\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "13BB143D-CE87-4B5B-8B41-F641C160624F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catos:4.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E3AB1738-A733-4227-B389-650FD7559D7B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements."
    }
  ],
  "id": "CVE-2001-1071",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-10-09T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/139491"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/1969"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/219257"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/219305"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/3412"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7242"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/139491"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/1969"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/219257"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/219305"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/3412"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7242"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2001-1071

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.

Aliases

CVE-2001-1071

Aliases

CVE-2001-1071

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2001-1071",
    "description": "Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.",
    "id": "GSD-2001-1071"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2001-1071"
      ],
      "details": "Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.",
      "id": "GSD-2001-1071",
      "modified": "2023-12-13T01:19:02.108857Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2001-1071",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1969",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/1969"
          },
          {
            "name": "cisco-ios-cdp-dos(7242)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7242"
          },
          {
            "name": "VU#139491",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/139491"
          },
          {
            "name": "20011009 Cisco CDP attacks",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/219257"
          },
          {
            "name": "3412",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/3412"
          },
          {
            "name": "20011009 Cisco Systems - Vulnerability in CDP",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/219305"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:11.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:11.3\\(11\\)b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.0\\(19\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.0\\(5.1\\)xp:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:catos:4.5\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1071"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20011009 Cisco CDP attacks",
              "refsource": "BUGTRAQ",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.securityfocus.com/archive/1/219257"
            },
            {
              "name": "20011009 Cisco Systems - Vulnerability in CDP",
              "refsource": "BUGTRAQ",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.securityfocus.com/archive/1/219305"
            },
            {
              "name": "3412",
              "refsource": "BID",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.securityfocus.com/bid/3412"
            },
            {
              "name": "VU#139491",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/139491"
            },
            {
              "name": "1969",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/1969"
            },
            {
              "name": "cisco-ios-cdp-dos(7242)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7242"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-10-10T01:29Z",
      "publishedDate": "2001-10-09T04:00Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2001-1071 (GCVE-0-2001-1071)

GHSA-X25R-PMGP-R2RG

VAR-200110-0004

FKIE_CVE-2001-1071

GSD-2001-1071

Tags

Sightings

Nomenclature