Vulnerability Details : CVE-2011-0946
The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) via malformed NetMeeting Directory (aka Internet Locator Service or ILS) LDAP traffic, aka Bug ID CSCtd10712.
Vulnerability category: Denial of service
Products affected by CVE-2011-0946
- cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.1.1sg:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.1.0sg:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-0946
0.84%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 73 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-0946
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
References for CVE-2011-0946
-
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4d.shtml
Cisco IOS Software Network Address Translation Vulnerabilities - CiscoVendor Advisory
-
http://tools.cisco.com/security/center/viewAlert.x?alertId=24117
Cisco IOS Software NetMeeting Directory LDAP Network Address Translation Processing Denial of Service VulnerabilityVendor Advisory
Jump to