Published: 28/03/2013 Updated: 29/03/2013
CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6
VMScore: 632
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Summary

The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 up to and including 15.2 and IOS XE 3.1.xS up to and including 3.4.xS prior to 3.4.5S and 3.5.xS up to and including 3.7.xS prior to 3.7.2S, when MPLS-TE is enabled, allows remote malicious users to cause a denial of service (incorrect memory access and device reload) via a traffic engineering PATH message in an RSVP packet, aka Bug ID CSCtg39957.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

cisco ios 15.1

cisco ios 15.0

cisco ios 15.0\\(1\\)se

cisco ios 15.3

cisco ios 12.2

cisco ios 15.2

cisco ios xe 3.4.0s

cisco ios xe 3.4.1s

cisco ios xe 3.4.2s

cisco ios xe 3.4.3s

cisco ios xe 3.1.0s

cisco ios xe 3.1.2s

cisco ios xe 3.2.2s

cisco ios xe 3.3.3s

cisco ios xe 3.3.1s

cisco ios xe 3.1.3s

cisco ios xe 3.1.4s

cisco ios xe 3.2.0s

cisco ios xe 3.3.2s

cisco ios xe 3.2.1s

cisco ios xe 3.1.1s

cisco ios xe 3.3.0s

cisco ios xe 3.5.1s

cisco ios xe 3.5.0s

cisco ios xe 3.5.2s

Vendor Advisories

The Resource Reservation Protocol (RSVP) feature in Cisco IOS Software and Cisco IOS XE Software contains a vulnerability when used on a device that has Multiprotocol Label Switching with Traffic Engineering (MPLS-TE) enabled Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to cause a reload of the affec ...