CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-3923

The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCte41827.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.5%

CVSS Severity

CVSS v2 Score 3.5

References

http://www.cisco.com/en/US/docs/ios/15_2m_and_t/release/notes/152-1TCAVS.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/78670
http://www.cisco.com/en/US/docs/ios/15_2m_and_t/release/notes/152-1TCAVS.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/78670

Products affected by CVE-2012-3923

Cisco » Ios » Version: 12.4

cpe:2.3:o:cisco:ios:12.4
Cisco » Ios » Version: 15.0

cpe:2.3:o:cisco:ios:15.0
Cisco » Ios » Version: 15.1

cpe:2.3:o:cisco:ios:15.1
Cisco » Ios » Version: 15.2

cpe:2.3:o:cisco:ios:15.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-3923

Products

Pricing

Contact Us