Vulnerabilities > CVE-2012-1312 - Resource Management Errors vulnerability in Cisco IOS 15.1/15.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The MACE feature in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (device reload) via crafted transit traffic, aka Bug IDs CSCtq64987 and CSCtu57226.
Common Weakness Enumeration (CWE)
Nessus
| NASL family | CISCO |
| NASL id | CISCO-SA-20120328-MACE.NASL |
| description | The version of Cisco IOS installed on the remote device is affected by multiple denial of service vulnerabilities due to message parsing flaws related to the Wide Area Application Services (WAAS) Express feature and the Measurement, Aggregation, and Correlation Engine (MACE) feature. A remote, unauthenticated attacker can exploit these flaws, via crafted requests, to cause a device reload or consumption of memory, resulting in a denial of service condition. |
| last seen | 2019-10-28 |
| modified | 2012-04-02 |
| plugin id | 58567 |
| published | 2012-04-02 |
| reporter | This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/58567 |
| title | Cisco IOS Software Traffic Optimization Features Multiple DoS |
References
- http://osvdb.org/80703
- http://osvdb.org/80703
- http://secunia.com/advisories/48595
- http://secunia.com/advisories/48595
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-mace
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-mace
- http://www.securityfocus.com/bid/52751
- http://www.securityfocus.com/bid/52751
- http://www.securitytracker.com/id?1026862
- http://www.securitytracker.com/id?1026862
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74429
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74429