Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3923

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2012-3923
Last Modified 25 Mar 2013 11:37:55
Published 16 Sep 2012 06:34:51
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2012-3923

Summary

The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCte41827.

Vulnerable Systems

Operating System

  • Cisco Ios 12.4

  • Cisco Ios 15.0

  • Cisco Ios 15.1

  • Cisco Ios 15.2


References

CONFIRM - http://www.cisco.com/en/US/docs/ios/15_2m_and_t/release/notes/152-1TCAVS.html

XF - ciscoios-sslvpn-dtls-dos(78670)


Last Updated: 27 May 2016 11:00:42