CVE-2012-3946

Published: Apr 24, 2014Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

Affected (1)

Products: Cisco: Ios

Cisco

1 product

Ios

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Ios	Up to 15.3

Related CWEs

CWE-264

References (2)

http://www.cisco.com/c/en/us/td/docs/ios/15_3s/release/notes/15_3s_rel_notes/15_3s_caveats_15_3_2s.html

Source: psirt@cisco.com

http://www.cisco.com/c/en/us/td/docs/ios/15_3s/release/notes/15_3s_rel_notes/15_3s_caveats_15_3_2s.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.