cvelistv5 - cve-2012-2488

CVE-2012-2488 (GCVE-0-2012-2488)

Vulnerability from cvelistv5 – Published: 2012-05-31 10:00 – Updated: 2024-08-06 19:34

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://secunia.com/advisories/49329	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1027104	vdb-entryx_refsource_SECTRACK
	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO
	http://www.securityfocus.com/bid/53728	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:34:25.772Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "49329",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49329"
          },
          {
            "name": "1027104",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027104"
          },
          {
            "name": "20120530 Cisco IOS XR Software Route Processor Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr"
          },
          {
            "name": "53728",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/53728"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-05-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-08-18T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "49329",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49329"
        },
        {
          "name": "1027104",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027104"
        },
        {
          "name": "20120530 Cisco IOS XR Software Route Processor Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr"
        },
        {
          "name": "53728",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/53728"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2012-2488",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "49329",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/49329"
            },
            {
              "name": "1027104",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1027104"
            },
            {
              "name": "20120530 Cisco IOS XR Software Route Processor Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr"
            },
            {
              "name": "53728",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/53728"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2012-2488",
    "datePublished": "2012-05-31T10:00:00",
    "dateReserved": "2012-05-07T00:00:00",
    "dateUpdated": "2024-08-06T19:34:25.772Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.2.0\", \"matchCriteriaId\": \"C0C513C0-97CB-4F5A-9942-5AF48742BDA9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A580194-1B06-4D71-B618-345046DBA9C6\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xr:4.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39F8B336-0DFA-41CE-9EFF-89A09BBDC6D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xr:4.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A1D1B60-C94F-44BF-8194-7758394E31C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xr:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06E63681-C89F-4569-A52C-B870D48E436C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xr:4.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E593EF3-133A-4E15-9B86-6B451F5C0159\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xr:4.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3BB49EB2-2D99-4C45-80B7-48299A1EBF30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB6ABB63-E2D2-42F7-B648-BF6002D1C05E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:crs_performance_route_processor:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6D383DA-04D7-4789-B7F7-B31FD645BA8F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593.\"}, {\"lang\": \"es\", \"value\": \"Cisco IOS XR anteriores a v4.2.1 en dispositivos ASR series 900 y dispositivos CRS, permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (transmisi\\u00f3n de paquetes cortados) a trav\\u00e9s de un paquete manipulado, tambi\\u00e9n conocido como Bug IDs CSCty94537 y  CSCtz62593.\"}]",
      "evaluatorImpact": "Per: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr\r\n\r\n\u0027Affected Products\r\nThis vulnerability affects IOS XR Software version 4.2.0 running on the Cisco ASR 9000 Series RSP440. It also affects IOS XR Software versions 4.0.3, 4.0.4, 4.1.0, 4.1.1, 4.1.2, and 4.2.0 running on the CRS Performance Route Processor.\u0027",
      "id": "CVE-2012-2488",
      "lastModified": "2024-11-21T01:39:08.737",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2012-05-31T10:17:38.763",
      "references": "[{\"url\": \"http://secunia.com/advisories/49329\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/53728\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.securitytracker.com/id?1027104\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://secunia.com/advisories/49329\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/53728\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1027104\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-2488\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2012-05-31T10:17:38.763\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593.\"},{\"lang\":\"es\",\"value\":\"Cisco IOS XR anteriores a v4.2.1 en dispositivos ASR series 900 y dispositivos CRS, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (transmisi\u00f3n de paquetes cortados) a trav\u00e9s de un paquete manipulado, tambi\u00e9n conocido como Bug IDs CSCty94537 y  CSCtz62593.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.2.0\",\"matchCriteriaId\":\"C0C513C0-97CB-4F5A-9942-5AF48742BDA9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A580194-1B06-4D71-B618-345046DBA9C6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39F8B336-0DFA-41CE-9EFF-89A09BBDC6D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A1D1B60-C94F-44BF-8194-7758394E31C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06E63681-C89F-4569-A52C-B870D48E436C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E593EF3-133A-4E15-9B86-6B451F5C0159\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BB49EB2-2D99-4C45-80B7-48299A1EBF30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB6ABB63-E2D2-42F7-B648-BF6002D1C05E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:crs_performance_route_processor:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6D383DA-04D7-4789-B7F7-B31FD645BA8F\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/49329\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/53728\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://www.securitytracker.com/id?1027104\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://secunia.com/advisories/49329\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/53728\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1027104\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorImpact\":\"Per: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr\\r\\n\\r\\n\u0027Affected Products\\r\\nThis vulnerability affects IOS XR Software version 4.2.0 running on the Cisco ASR 9000 Series RSP440. It also affects IOS XR Software versions 4.0.3, 4.0.4, 4.1.0, 4.1.1, 4.1.2, and 4.2.0 running on the CRS Performance Route Processor.\u0027\"}}"
  }
}

CERTA-2012-AVI-300

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans Cisco IOS XR. L'exploitation de cette vulnérabilité permet à un utilisateur malintentionné de provoquer un déni de service en envoyant un paquet réseau spécialement conçu à un équipement vulnérable.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Cisco	IOS XR	Cisco ASR 9000 Series RSP440 avec IOS XR version 4.2.0 ;
	Cisco	IOS XR	Cisco CRS Performance Route Processor avec IOS XR versions 4.0.3, 4.0.4, 4.1.0, 4.1.1, 4.1.2 et 4.2.0.

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco 20120530-iosxr du 30 mai 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco ASR 9000 Series RSP440 avec IOS XR version 4.2.0 ;",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco CRS Performance Route Processor avec IOS XR versions 4.0.3, 4.0.4, 4.1.0, 4.1.1, 4.1.2 et 4.2.0.",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-2488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2488"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-300",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-06-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans Cisco IOS XR. L\u0027exploitation de\ncette vuln\u00e9rabilit\u00e9 permet \u00e0 un utilisateur malintentionn\u00e9 de provoquer\nun d\u00e9ni de service en envoyant un paquet r\u00e9seau sp\u00e9cialement con\u00e7u \u00e0 un\n\u00e9quipement vuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco IOS XR",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco 20120530-iosxr du 30 mai 2012",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr"
    }
  ]
}

CERTA-2012-AVI-300

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Cisco	IOS XR	Cisco ASR 9000 Series RSP440 avec IOS XR version 4.2.0 ;
	Cisco	IOS XR	Cisco CRS Performance Route Processor avec IOS XR versions 4.0.3, 4.0.4, 4.1.0, 4.1.1, 4.1.2 et 4.2.0.

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco 20120530-iosxr du 30 mai 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco ASR 9000 Series RSP440 avec IOS XR version 4.2.0 ;",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco CRS Performance Route Processor avec IOS XR versions 4.0.3, 4.0.4, 4.1.0, 4.1.1, 4.1.2 et 4.2.0.",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-2488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2488"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-300",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-06-01T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans Cisco IOS XR. L\u0027exploitation de\ncette vuln\u00e9rabilit\u00e9 permet \u00e0 un utilisateur malintentionn\u00e9 de provoquer\nun d\u00e9ni de service en envoyant un paquet r\u00e9seau sp\u00e9cialement con\u00e7u \u00e0 un\n\u00e9quipement vuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco IOS XR",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco 20120530-iosxr du 30 mai 2012",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr"
    }
  ]
}

CERTA-2012-AVI-444

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans Cisco IOS XR. Elle concerne un déni de service à distance dans le processus de routage et peut être provoquée par l'envoi d'un message réseau spécialement conçu.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	IOS XR	Cisco IOS XR version 4.2.0 ;
Cisco	IOS XR	Cisco IOS XR version 4.1.1 ;
Cisco	IOS XR	Cisco IOS XR version 4.0.1.
Cisco	IOS XR	Cisco IOS XR version 4.0.3 ;
Cisco	IOS XR	Cisco IOS XR version 4.1.2 ;
Cisco	IOS XR	Cisco IOS XR version 4.0.4 ;
Cisco	IOS XR	Cisco IOS XR version 4.1.0 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20120530-iosxr du 15 août 2012	None	vendor-advisory
Bulletin de sécurité Cisco 20120530-iosxr du 15 août 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco IOS XR version 4.2.0 ;",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR version 4.1.1 ;",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR version 4.0.1.",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR version 4.0.3 ;",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR version 4.1.2 ;",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR version 4.0.4 ;",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR version 4.1.0 ;",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-2488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2488"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco 20120530-iosxr du 15 ao\u00fbt 2012 :",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr"
    }
  ],
  "reference": "CERTA-2012-AVI-444",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-08-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eCisco IOS\nXR\u003c/span\u003e. Elle concerne un d\u00e9ni de service \u00e0 distance dans le processus\nde routage et peut \u00eatre provoqu\u00e9e par l\u0027envoi d\u0027un message r\u00e9seau\nsp\u00e9cialement con\u00e7u.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco IOS XR",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20120530-iosxr du 15 ao\u00fbt 2012",
      "url": null
    }
  ]
}

CERTA-2012-AVI-444

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	IOS XR	Cisco IOS XR version 4.2.0 ;
Cisco	IOS XR	Cisco IOS XR version 4.1.1 ;
Cisco	IOS XR	Cisco IOS XR version 4.0.1.
Cisco	IOS XR	Cisco IOS XR version 4.0.3 ;
Cisco	IOS XR	Cisco IOS XR version 4.1.2 ;
Cisco	IOS XR	Cisco IOS XR version 4.0.4 ;
Cisco	IOS XR	Cisco IOS XR version 4.1.0 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20120530-iosxr du 15 août 2012	None	vendor-advisory
Bulletin de sécurité Cisco 20120530-iosxr du 15 août 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco IOS XR version 4.2.0 ;",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR version 4.1.1 ;",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR version 4.0.1.",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR version 4.0.3 ;",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR version 4.1.2 ;",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR version 4.0.4 ;",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XR version 4.1.0 ;",
      "product": {
        "name": "IOS XR",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-2488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2488"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco 20120530-iosxr du 15 ao\u00fbt 2012 :",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr"
    }
  ],
  "reference": "CERTA-2012-AVI-444",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-08-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eCisco IOS\nXR\u003c/span\u003e. Elle concerne un d\u00e9ni de service \u00e0 distance dans le processus\nde routage et peut \u00eatre provoqu\u00e9e par l\u0027envoi d\u0027un message r\u00e9seau\nsp\u00e9cialement con\u00e7u.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco IOS XR",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20120530-iosxr du 15 ao\u00fbt 2012",
      "url": null
    }
  ]
}

FKIE_CVE-2012-2488

Vulnerability from fkie_nvd - Published: 2012-05-31 10:17 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://secunia.com/advisories/49329
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/53728
psirt@cisco.com	http://www.securitytracker.com/id?1027104
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/49329
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/53728
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1027104

Impacted products

Vendor	Product	Version
cisco	ios_xr	*
cisco	asr_9000_rsp440_router	-
cisco	ios_xr	4.0.3
cisco	ios_xr	4.0.4
cisco	ios_xr	4.1
cisco	ios_xr	4.1.1
cisco	ios_xr	4.1.2
cisco	ios_xr	4.2.0
cisco	crs_performance_route_processor	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0C513C0-97CB-4F5A-9942-5AF48742BDA9",
              "versionEndIncluding": "4.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A580194-1B06-4D71-B618-345046DBA9C6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "39F8B336-0DFA-41CE-9EFF-89A09BBDC6D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A1D1B60-C94F-44BF-8194-7758394E31C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06E63681-C89F-4569-A52C-B870D48E436C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E593EF3-133A-4E15-9B86-6B451F5C0159",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BB49EB2-2D99-4C45-80B7-48299A1EBF30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB6ABB63-E2D2-42F7-B648-BF6002D1C05E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:crs_performance_route_processor:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6D383DA-04D7-4789-B7F7-B31FD645BA8F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593."
    },
    {
      "lang": "es",
      "value": "Cisco IOS XR anteriores a v4.2.1 en dispositivos ASR series 900 y dispositivos CRS, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (transmisi\u00f3n de paquetes cortados) a trav\u00e9s de un paquete manipulado, tambi\u00e9n conocido como Bug IDs CSCty94537 y  CSCtz62593."
    }
  ],
  "evaluatorImpact": "Per: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr\r\n\r\n\u0027Affected Products\r\nThis vulnerability affects IOS XR Software version 4.2.0 running on the Cisco ASR 9000 Series RSP440. It also affects IOS XR Software versions 4.0.3, 4.0.4, 4.1.0, 4.1.1, 4.1.2, and 4.2.0 running on the CRS Performance Route Processor.\u0027",
  "id": "CVE-2012-2488",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-05-31T10:17:38.763",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/49329"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/53728"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1027104"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/49329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/53728"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1027104"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2012-2488

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2012-2488

Aliases

CVE-2012-2488

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-2488",
    "description": "Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593.",
    "id": "GSD-2012-2488"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-2488"
      ],
      "details": "Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593.",
      "id": "GSD-2012-2488",
      "modified": "2023-12-13T01:20:15.910956Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2012-2488",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "49329",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/49329"
          },
          {
            "name": "1027104",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1027104"
          },
          {
            "name": "20120530 Cisco IOS XR Software Route Processor Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr"
          },
          {
            "name": "53728",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/53728"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.2.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:4.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:4.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:4.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:4.0.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:4.0.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:crs_performance_route_processor:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2012-2488"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20120530 Cisco IOS XR Software Route Processor Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr"
            },
            {
              "name": "49329",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/49329"
            },
            {
              "name": "1027104",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1027104"
            },
            {
              "name": "53728",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/53728"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2012-08-25T03:27Z",
      "publishedDate": "2012-05-31T10:17Z"
    }
  }
}

GHSA-W5QH-VV4G-4G87

Vulnerability from github – Published: 2022-05-17 05:25 – Updated: 2022-05-17 05:25

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-2488"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-05-31T10:17:00Z",
    "severity": "HIGH"
  },
  "details": "Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593.",
  "id": "GHSA-w5qh-vv4g-4g87",
  "modified": "2022-05-17T05:25:06Z",
  "published": "2022-05-17T05:25:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2488"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/49329"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/53728"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1027104"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-201205-0146

Vulnerability from variot - Updated: 2023-12-18 13:40

Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593. The problem is Bug ID CSCty94537 and CSCtz62593 It is a problem.Denial of service operation via a packet crafted by a third party ( Stop packet transmission ) There is a possibility of being put into a state. Cisco IOS XR is a member of the Cisco IOS Software family that uses a microkernel-based operating system architecture. On the Processor (PRP). The attacker can send a specially-made packet to the affected system, causing the packet originating from the route processor CPU to stop transmitting to the fabric, and finally triggering the denial of service attack. This issue is being tracked by Cisco Bug IDs CSCty94537 (ASR 9000) and CSCtz62593 (CRS). ----------------------------------------------------------------------

Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch

TITLE: Cisco IOS XR Denial of Service Vulnerability

SECUNIA ADVISORY ID: SA49329

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49329/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49329

RELEASE DATE: 2012-05-31

DISCUSS ADVISORY: http://secunia.com/advisories/49329/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/49329/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=49329

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: A vulnerability has been reported in Cisco IOS XR, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error when processing certain packets and can be exploited to stop outbound packets from being transmitted via specially crafted packets sent to a configured address on the device.

NOTE: Transit traffic packets do not trigger this vulnerability.

Please see the vendor's advisory for the list of affected products and versions.

SOLUTION: Apply updates. Please see the vendor's advisory for more information.

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201205-0146",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 2.5,
        "vendor": "cisco",
        "version": "4.1.2"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 2.5,
        "vendor": "cisco",
        "version": "4.0.3"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 2.5,
        "vendor": "cisco",
        "version": "4.1.1"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 2.5,
        "vendor": "cisco",
        "version": "4.0.4"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.2.0"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "ios xr",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.2.0"
      },
      {
        "model": "asr 9000 rsp440 router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "crs performance route processor",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "4.1.0"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "crs performance route processor",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "asr",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "90100"
      },
      {
        "model": "asr",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "90060"
      },
      {
        "model": "asr 9000 series rsp440",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "crs performance route processors",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.0.3 (cisco crs performance route processors)"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.0.4 (cisco crs performance route processors)"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.1.0 (cisco crs performance route processors)"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.1.1 (cisco crs performance route processors)"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.1.2 (cisco crs performance route processors)"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.2.0 (cisco asr 9000 series  rsp440)"
      },
      {
        "model": "ios xr",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.2.0 (cisco crs performance route processors)"
      },
      {
        "model": "ios xr",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2.1"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-2953"
      },
      {
        "db": "BID",
        "id": "53728"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002584"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201205-550"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.2.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:4.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:4.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:4.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:4.0.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios_xr:4.0.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:crs_performance_route_processor:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-2488"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "53728"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201205-550"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2012-2488",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2012-2488",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-55769",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2012-2488",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201205-550",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-55769",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-55769"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002584"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201205-550"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593. The problem is Bug ID CSCty94537 and CSCtz62593 It is a problem.Denial of service operation via a packet crafted by a third party ( Stop packet transmission ) There is a possibility of being put into a state. Cisco IOS XR is a member of the Cisco IOS Software family that uses a microkernel-based operating system architecture. On the Processor (PRP). The attacker can send a specially-made packet to the affected system, causing the packet originating from the route processor CPU to stop transmitting to the fabric, and finally triggering the denial of service attack. \nThis issue is being tracked by Cisco Bug IDs CSCty94537 (ASR 9000) and CSCtz62593 (CRS). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco IOS XR Denial of Service Vulnerability\n\nSECUNIA ADVISORY ID:\nSA49329\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49329/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49329\n\nRELEASE DATE:\n2012-05-31\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49329/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49329/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49329\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Cisco IOS XR, which can be\nexploited by malicious people to cause a DoS (Denial of Service). \n\nThe vulnerability is caused due to an unspecified error when\nprocessing certain packets and can be exploited to stop outbound\npackets from being transmitted via specially crafted packets sent to\na configured address on the device. \n\nNOTE: Transit traffic packets do not trigger this vulnerability. \n\nPlease see the vendor\u0027s advisory for the list of affected products\nand versions. \n\nSOLUTION:\nApply updates. Please see the vendor\u0027s advisory for more information. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120530-iosxr\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-2488"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002584"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-2953"
      },
      {
        "db": "BID",
        "id": "53728"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55769"
      },
      {
        "db": "PACKETSTORM",
        "id": "113163"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-2488",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "53728",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "49329",
        "trust": 1.2
      },
      {
        "db": "SECTRACK",
        "id": "1027104",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002584",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201205-550",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-2953",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "19719",
        "trust": 0.6
      },
      {
        "db": "CISCO",
        "id": "20120530 CISCO IOS XR SOFTWARE ROUTE PROCESSOR DENIAL OF SERVICE VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-55769",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "113163",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-2953"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55769"
      },
      {
        "db": "BID",
        "id": "53728"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002584"
      },
      {
        "db": "PACKETSTORM",
        "id": "113163"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201205-550"
      }
    ]
  },
  "id": "VAR-201205-0146",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-2953"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55769"
      }
    ],
    "trust": 1.4577778
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-2953"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:40:07.865000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20120530-iosxr",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120530-iosxr"
      },
      {
        "title": "cisco-sa-20120530-iosxr",
        "trust": 0.8,
        "url": "http://www.cisco.com/cisco/web/support/jp/111/1111/1111200_cisco-sa-20120530-iosxr-j.html"
      },
      {
        "title": "Patch for Cisco IOS XR Route Processor Denial of Service Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/17556"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-2953"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002584"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-55769"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002584"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2488"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.7,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120530-iosxr"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/53728"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id?1027104"
      },
      {
        "trust": 1.1,
        "url": "http://secunia.com/advisories/49329"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2488"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2488"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/19719"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/ps5845/index.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49329/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49329"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/psi_30_beta_launch"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49329/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-2953"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55769"
      },
      {
        "db": "BID",
        "id": "53728"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002584"
      },
      {
        "db": "PACKETSTORM",
        "id": "113163"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201205-550"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-2953"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55769"
      },
      {
        "db": "BID",
        "id": "53728"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002584"
      },
      {
        "db": "PACKETSTORM",
        "id": "113163"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201205-550"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-2953"
      },
      {
        "date": "2012-05-31T00:00:00",
        "db": "VULHUB",
        "id": "VHN-55769"
      },
      {
        "date": "2012-05-30T00:00:00",
        "db": "BID",
        "id": "53728"
      },
      {
        "date": "2012-06-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002584"
      },
      {
        "date": "2012-05-31T04:10:56",
        "db": "PACKETSTORM",
        "id": "113163"
      },
      {
        "date": "2012-05-31T10:17:38.763000",
        "db": "NVD",
        "id": "CVE-2012-2488"
      },
      {
        "date": "2012-05-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201205-550"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-01T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-2953"
      },
      {
        "date": "2012-08-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-55769"
      },
      {
        "date": "2012-08-16T11:10:00",
        "db": "BID",
        "id": "53728"
      },
      {
        "date": "2012-06-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002584"
      },
      {
        "date": "2012-08-25T03:27:12.130000",
        "db": "NVD",
        "id": "CVE-2012-2488"
      },
      {
        "date": "2012-06-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201205-550"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201205-550"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco ASR 9000 and  CRS Series  Cisco IOS XR Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002584"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201205-550"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-2488 (GCVE-0-2012-2488)

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature