Vulnerabilities > CVE-2011-1651 - Resource Management Errors vulnerability in Cisco IOS XR

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

cisco

CWE-399

NVD

Published: 2011-05-31

Updated: 2011-09-07

Summary

Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS XR 3.0 Cisco IOS XR 3.9.0 Cisco IOS XR 3.9.1 Cisco IOS XR 3.9.2 Cisco IOS XR 4.0.0 Cisco IOS XR 4.0.1 Cisco IOS XR 4.0.2 Cisco IOS XR 4.1	8

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f191.shtml
http://www.securitytracker.com/id?1025567