CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-0338

Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of access-class commands, which allows remote attackers to establish SSH connections from arbitrary source IP addresses via a standard SSH client, aka Bug ID CSCsv86113.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.6%

CVSS Severity

CVSS v2 Score 5.0

References

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXH_rebuilds.html
http://www.securitytracker.com/id?1027005
https://supportforums.cisco.com/thread/2030226
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXH_rebuilds.html
http://www.securitytracker.com/id?1027005
https://supportforums.cisco.com/thread/2030226

Products affected by CVE-2012-0338

Cisco » Ios » Version: 12.2

cpe:2.3:o:cisco:ios:12.2
Cisco » Ios » Version: 12.3

cpe:2.3:o:cisco:ios:12.3
Cisco » Ios » Version: 12.4

cpe:2.3:o:cisco:ios:12.4
Cisco » Ios » Version: 15.0

cpe:2.3:o:cisco:ios:15.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-0338

Products

Pricing

Contact Us