CVE-2011-3271 : Unspecified vulnerability in the Smart Install functionality in Cisco IOS 12.2 a

Unspecified vulnerability in the Smart Install functionality in Cisco IOS 12.2 and 15.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via crafted TCP packets to port 4786, aka Bug ID CSCto10165.

Published 2011-10-03 23:55:04

Updated 2012-05-14 04:00:00

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Execute codeDenial of service

Products affected by CVE-2011-3271

Cisco » IOS » Version: 12.2
cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*
Matching versions
Cisco » IOS » Version: 15.1
cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2011-3271

EPSS FAQ

0.83%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 82 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2011-3271

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2011-3271

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4f.shtml

404 - Page Not Found - Cisco
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=24115

Cisco IOS Software Smart Install Arbitrary Code Execution Vulnerability

Jump to

Vulnerability Details : CVE-2011-3271

Products affected by CVE-2011-3271

Exploit prediction scoring system (EPSS) score for CVE-2011-3271

CVSS scores for CVE-2011-3271

References for CVE-2011-3271