Vulnerability Details : CVE-2011-1651
Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095.
Vulnerability category: Denial of service
Products affected by CVE-2011-1651
- cpe:2.3:o:cisco:ios_xr:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.9.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.9.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xr:3.9.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1651
0.18%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 54 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1651
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
CWE ids for CVE-2011-1651
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1651
-
http://www.securitytracker.com/id?1025567
Cisco IOS XR SPA Interface Processor IPv4 Packet Processing Flaw Lets Remote Users Deny Service - SecurityTracker
-
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f191.shtml
Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability - CiscoVendor Advisory
Jump to