CVE-2012-3062 : Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is

Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193.

Published 2014-04-23 11:52:59

Updated 2025-04-12 10:46:41

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2012-3062

Cisco » IOS » Version: 15.1
cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2012-3062

EPSS FAQ

0.17%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 35 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2012-3062

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.7	MEDIUM	AV:A/AC:M/Au:N/C:N/I:N/A:C	5.5	6.9	NIST
Access Vector: Adjacent Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

CWE ids for CVE-2012-3062

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2012-3062

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2012-3062

Products affected by CVE-2012-3062

Exploit prediction scoring system (EPSS) score for CVE-2012-3062

CVSS scores for CVE-2012-3062

CWE ids for CVE-2012-3062

References for CVE-2012-3062