15.1

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

cisco

critical

NVD

Published: 2012-05-02

Updated: 2012-10-30

Summary

Cisco IOS 12.0, 15.0, and 15.1, when a Policy Feature Card 3C (PFC3C) is used, does not create a fragment entry during processing of an ICMPv6 ACL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtj90091.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS 12.0 Cisco IOS 15.0 Cisco IOS 15.1	3

References

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXJ.html
http://www.securitytracker.com/id?1027005