Vulnerabilities > CVE-2012-1314 - Resource Management Errors vulnerability in Cisco IOS 15.1/15.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
The WAAS Express feature in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted transit traffic, aka Bug ID CSCtt45381.
Common Weakness Enumeration (CWE)
Nessus
| NASL family | CISCO |
| NASL id | CISCO-SA-20120328-MACE.NASL |
| description | The version of Cisco IOS installed on the remote device is affected by multiple denial of service vulnerabilities due to message parsing flaws related to the Wide Area Application Services (WAAS) Express feature and the Measurement, Aggregation, and Correlation Engine (MACE) feature. A remote, unauthenticated attacker can exploit these flaws, via crafted requests, to cause a device reload or consumption of memory, resulting in a denial of service condition. |
| last seen | 2019-10-28 |
| modified | 2012-04-02 |
| plugin id | 58567 |
| published | 2012-04-02 |
| reporter | This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/58567 |
| title | Cisco IOS Software Traffic Optimization Features Multiple DoS |