CVE-2012-3923

The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCte41827.

CVSS v2.0 3.5 LOW

3.5^/10

CVSS v2.0 : LOW

Vector : AV:N/AC:M/Au:S/C:N/I:N/A:P

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.cisco.com/en/US/docs/ios/15_2m_and_t/release/notes/152-1TCAVS.html	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/78670
http://www.cisco.com/en/US/docs/ios/15_2m_and_t/release/notes/152-1TCAVS.html	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/78670

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:ios:12.4:::::::*
	cpe:2.3:o:cisco:ios:15.0:::::::*
	cpe:2.3:o:cisco:ios:15.1:::::::*
	cpe:2.3:o:cisco:ios:15.2:::::::*

History

21 Nov 2024, 01:41

Type	Values Removed	Values Added
References	~~() http://www.cisco.com/en/US/docs/ios/15_2m_and_t/release/notes/152-1TCAVS.html - Vendor Advisory~~	() http://www.cisco.com/en/US/docs/ios/15_2m_and_t/release/notes/152-1TCAVS.html - Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/78670 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/78670 -

Information

Published : 2012-09-16 10:34

Updated : 2025-04-11 00:51

NVD link : CVE-2012-3923

Mitre link : CVE-2012-3923

CVE.ORG link : CVE-2012-3923

JSON object : View

Products Affected

cisco

ios

CWE

NVD-CWE-noinfo

{"id": "CVE-2012-3923", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-09-16T10:34:51.393", "references": [{"url": "http://www.cisco.com/en/US/docs/ios/15_2m_and_t/release/notes/152-1TCAVS.html", "tags": ["Vendor Advisory"], "source": "psirt@cisco.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78670", "source": "psirt@cisco.com"}, {"url": "http://www.cisco.com/en/US/docs/ios/15_2m_and_t/release/notes/152-1TCAVS.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78670", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCte41827."}, {"lang": "es", "value": "La implementaci\u00f3n de SSLVPN en Cisco IOS v12.4, v15.0, v15.1, y v15.2, cuando DTLS no est\u00e1 habilitado, no controla correctamente ciertas configuraciones de las listas de control de acceso ACL, lo que permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (ca\u00edda de dispositivo) a trav\u00e9s de una sesi\u00f3n que implica al interfase PPP sobre ATM (PPPoA), tambi\u00e9n conocido como Bug ID CSCte41827."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D4D8C72-E7BB-40BF-9AE5-622794D63E09"}, {"criteria": "cpe:2.3:o:cisco:ios:15.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF87CC9A-1AF5-4DB4-ACE5-DB938D3B2F84"}, {"criteria": "cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB41294E-F3DF-4F1E-A4C8-E90B21A88836"}, {"criteria": "cpe:2.3:o:cisco:ios:15.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2AB6A02-B7C7-48D1-8857-BD1CDF9A40D8"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@cisco.com"}