Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3924

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2012-3924
Last Modified 25 Mar 2013 11:37:55
Published 16 Sep 2012 06:34:51
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2012-3924

Summary

The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCty97961.

Vulnerable Systems

Operating System

  • Cisco Ios 15.1

  • Cisco Ios 15.2


References

CONFIRM - http://www.cisco.com/en/US/docs/ios/15_2m_and_t/release/notes/152-1TCAVS.html

XF - ciscoios-sslvpn-dtls-enabled-dos(78672)


Last Updated: 27 May 2016 11:00:42