CVE-2011-3275

Published: Oct 3, 2011Modified: Apr 29, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted SIP message, aka Bug ID CSCti48504.

Affected (17)

Products: Cisco: Ios, Ios Xe

Cisco

2 products

Ios

Ios Xe

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Cisco Ios	Version 12.4
Cisco Ios	Version 15.0
Cisco Ios	Version 15.1

Configuration B

14 vulnerable

Vulnerable Software	Affected Versions
Cisco Ios Xe	Version 2.5.0
Cisco Ios Xe	Version 2.5.1
Cisco Ios Xe	Version 2.5.2
Cisco Ios Xe	Version 2.6.0
Cisco Ios Xe	Version 2.6.1
Cisco Ios Xe	Version 2.6.2
Cisco Ios Xe	Version 3.1.0s
Cisco Ios Xe	Version 3.1.1s
Cisco Ios Xe	Version 3.1.2s
Cisco Ios Xe	Version 3.1.3s
Cisco Ios Xe	Version 3.1.4s
Cisco Ios Xe	Version 3.2.0s
Cisco Ios Xe	Version 3.2.1s
Cisco Ios Xe	Version 3.2.2s

Related CWEs

CWE-399

References (4)

http://tools.cisco.com/security/center/viewAlert.x?alertId=24130

Source: psirt@cisco.com

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d5a.shtml

Source: psirt@cisco.com

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=24130

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d5a.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.