CVE-2012-1366

Published: Apr 23, 2014Modified: May 6, 2026

6.1

Vector

AV:A/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 6.5 / Impact: 6.9

Source: NVD

Description

Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.

Affected (10)

Products: Cisco: Ios, Asr 1001, Asr 1002, Asr 1002 X, Asr 1002 Fixed Router, Asr 1004, Asr 1006, Asr 1013, Asr 1023 Router, Asr 9000 Rsp440 Router

10 products

Asr 1002 Fixed Router

Asr 9000 Rsp440 Router

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Cisco Ios	Version 15.1
Cisco Asr 1001	All versions
Cisco Asr 1002	All versions
Cisco Asr 1002 X	All versions
Cisco Asr 1002 Fixed Router	All versions
Cisco Asr 1004	All versions
Cisco Asr 1006	All versions
Cisco Asr 1013	All versions
Cisco Asr 1023 Router	All versions
Cisco Asr 9000 Rsp440 Router	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf

Source: psirt@cisco.com

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.