Vulnerabilities > CVE-2012-4622 - Resource Management Errors vulnerability in Cisco IOS XE 3.2.00.Xo.15.0(2)Xo

CVSS 7.1 - HIGH

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

cisco

CWE-399

nessus

NVD

Published: 2012-09-27

Updated: 2017-08-29

Summary

Cisco IOS XE 03.02.00.XO.15.0(2)XO on Catalyst 4500E series switches, when a Supervisor Engine 7L-E card is installed, allows remote attackers to cause a denial of service (card reload) via malformed packets that trigger uncorrected ECC error messages, aka Bug ID CSCty88456.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS XE 3.2.00.Xo.15.0\(2\)Xo	1
Hardware	Cisco Cisco Catalyst 4500E Series -	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Nessus

NASL family	CISCO
NASL id	CISCO-SA-20120926-ECC.NASL
description	The Catalyst 4500E series switch with Supervisor Engine 7L-E contains a denial of service (DoS) vulnerability when processing specially crafted packets that can cause a reload of the device. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
last seen	2020-05-09
modified	2013-07-08
plugin id	67204
published	2013-07-08
reporter	This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/67204
title	Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability (cisco-sa-20120926-ecc)

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References