Published: 03/10/2011 Updated: 14/05/2012

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Unspecified vulnerability in the Smart Install functionality in Cisco IOS 12.2 and 15.1 allows remote malicious users to execute arbitrary code or cause a denial of service (device crash) via crafted TCP packets to port 4786, aka Bug ID CSCto10165.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios 12.2
cisco ios 15.1

A vulnerability exists in the Smart Install feature of Cisco Catalyst Switches running Cisco IOS Software that could allow an unauthenticated, remote attacker to perform remote code execution on the affected device Cisco has released software updates that address this vulnerability There are no workarounds available to mitigate this vulnerabi ...

In recent weeks, Cisco has published several documents related to the Smart Install feature: one Talos blog about potential misuse of the feature if left enabled, and two Cisco Security Advisories that were included in the March 2018 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication Given the heightened awareness, ...

NVD-CWE-noinfo http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4f.shtml http://tools.cisco.com/security/center/viewAlert.x?alertId=24115 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110928-smart-install

CVE-2011-3271

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect