FKIE_CVE-2007-5651

Vulnerability from fkie_nvd - Published: 2007-10-23 21:47 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet.
References
cve@mitre.orghttp://secunia.com/advisories/27329
cve@mitre.orghttp://www.cisco.com/en/US/products/products_security_response09186a00808de8bb.html
cve@mitre.orghttp://www.securityfocus.com/bid/26139
cve@mitre.orghttp://www.securitytracker.com/id?1018842
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/3566
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/37300
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5288
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/27329
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_response09186a00808de8bb.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/26139
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018842
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/3566
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/37300
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5288
Impacted products
Vendor Product Version
cisco catos 6.1
cisco catos 6.2
cisco catos 6.3
cisco catos 6.4
cisco catos 7.1
cisco catos 7.2
cisco catos 7.3
cisco catos 7.4
cisco catos 7.5
cisco catos 7.6
cisco catos 8.1
cisco catos 8.2
cisco catos 8.3
cisco catos 8.4
cisco catos 8.5
cisco ios 12.1
cisco ios 12.2
cisco ios 12.3ja
cisco ios 12.3jea
cisco ios 12.3jeb
cisco ios 12.3jec
cisco ios 12.4ja
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catos:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "06F049B3-FBE6-4951-896E-B8AE2D7BFBAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catos:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D9D9464-757E-4723-A475-838DCB069FBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catos:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBAB91B7-D94C-484C-8153-2345FB8991CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catos:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "64B40395-B525-4471-8FE1-FB1D7BBD99EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catos:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "904FC5E4-6BE0-4B15-8283-26F92922B78E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catos:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCBC242B-1D34-4CAB-A96D-7B30DD83678B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catos:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC67FF4D-ED26-44B7-8AB9-26F0BB2946BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catos:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A7B5E1E-5698-4F69-AB53-C9F6339758C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catos:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A01B4160-AC81-4C2D-B34A-C46EC2C610E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catos:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D726FE1E-26C9-41F2-AF59-8F8248449DE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catos:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CCED76E-89CA-46E3-A285-2FB907780A66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catos:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "75165FB6-B193-4DC9-A2FF-20F553111A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catos:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "34A3A284-36A9-4E8C-815D-6E2FE4C158DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catos:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "840F1B27-22E4-47C3-A4D9-5E43D5153CAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:catos:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C58A9E7-C119-4DC5-94E4-1701077330EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3ja:*:*:*:*:*:*:*",
              "matchCriteriaId": "D73E5138-016A-48EC-A367-3D3285AAFED2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3jea:*:*:*:*:*:*:*",
              "matchCriteriaId": "C114F1A6-5DFE-408F-B83A-E8B9D4AF9791",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3jeb:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CD5C082-9730-466D-A4A8-E4EEE5F3730D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.3jec:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CF419BD-8474-4F33-9CDD-587E341ABA8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4ja:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB2B390-A39F-4082-BBCB-712BDD95886D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en la implementaci\u00f3n Extensible Authentication Protocol (EAP) en Cisco IOS 12.3 y 12.4 sobre Cisco Access Points y 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 y 12.2 sobre Cisco switches (Wired EAP dispositivos), y CatOS 6.x hasta la 8.x sobre Cisco switches permite a atacantes remotos provocar denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de un paquete EAP Response Identity manipulado."
    }
  ],
  "id": "CVE-2007-5651",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-10-23T21:47:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/27329"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cisco.com/en/US/products/products_security_response09186a00808de8bb.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26139"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018842"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3566"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37300"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5288"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/products/products_security_response09186a00808de8bb.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26139"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018842"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5288"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.