Sign-up

ID

VAR-201205-0012


CVE

CVE-2011-2586


TITLE

Cisco IOS of HTTP Service disruption at the client ( Device crash ) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2011-005043

DESCRIPTION

The HTTP client in Cisco IOS 12.4 and 15.0 allows user-assisted remote attackers to cause a denial of service (device crash) via a malformed HTTP response to a request for service installation, aka Bug ID CSCts12249. IOS is prone to a denial-of-service vulnerability. Cisco IOS is an operating system developed by Cisco in the United States for its network equipment

Trust: 1.98

sources: NVD: CVE-2011-2586 // JVNDB: JVNDB-2011-005043 // BID: 78439 // VULHUB: VHN-50531

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:15.0

Trust: 2.7

vendor:ciscomodel:iosscope:eqversion:12.4

Trust: 2.7

sources: BID: 78439 // JVNDB: JVNDB-2011-005043 // CNNVD: CNNVD-201205-032 // NVD: CVE-2011-2586

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-2586
value: MEDIUM

Trust: 1.0

NVD: CVE-2011-2586
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201205-032
value: MEDIUM

Trust: 0.6

VULHUB: VHN-50531
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2011-2586
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-50531
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-50531 // JVNDB: JVNDB-2011-005043 // CNNVD: CNNVD-201205-032 // NVD: CVE-2011-2586

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-50531 // JVNDB: JVNDB-2011-005043 // NVD: CVE-2011-2586

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201205-032

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201205-032

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2011-005043

PATCH
title:24436url:http://tools.cisco.com/security/center/viewAlert.x?alertId=24436
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2011-005043

EXTERNAL IDS
db:NVDid:CVE-2011-2586
Trust: 2.8
db:SECTRACKid:1027005
Trust: 1.4
db:JVNDBid:JVNDB-2011-005043
Trust: 0.8
db:CNNVDid:CNNVD-201205-032
Trust: 0.7
db:BIDid:78439
Trust: 0.4
db:VULHUBid:VHN-50531
Trust: 0.1
sources:
            
            
            VULHUB: VHN-50531 // 
            
            
            
            BID: 78439 // 
            
            
            
            JVNDB: JVNDB-2011-005043 // 
            
            
            
            CNNVD: CNNVD-201205-032 // 
            
            
            
            NVD: CVE-2011-2586

REFERENCES
url:http://tools.cisco.com/security/center/viewalert.x?alertid=24436
Trust: 2.0
url:http://www.securitytracker.com/id?1027005
Trust: 1.4
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2586
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2586
Trust: 0.8
sources:
            
            
            VULHUB: VHN-50531 // 
            
            
            
            BID: 78439 // 
            
            
            
            JVNDB: JVNDB-2011-005043 // 
            
            
            
            CNNVD: CNNVD-201205-032 // 
            
            
            
            NVD: CVE-2011-2586

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 78439

SOURCES
db:VULHUBid:VHN-50531
db:BIDid:78439
db:JVNDBid:JVNDB-2011-005043
db:CNNVDid:CNNVD-201205-032
db:NVDid:CVE-2011-2586

LAST UPDATE DATE
2025-04-11T22:49:39.580000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-50531date:2012-10-30T00:00:00
db:BIDid:78439date:2012-05-02T00:00:00
db:JVNDBid:JVNDB-2011-005043date:2012-05-08T00:00:00
db:CNNVDid:CNNVD-201205-032date:2012-05-03T00:00:00
db:NVDid:CVE-2011-2586date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULHUBid:VHN-50531date:2012-05-02T00:00:00
db:BIDid:78439date:2012-05-02T00:00:00
db:JVNDBid:JVNDB-2011-005043date:2012-05-08T00:00:00
db:CNNVDid:CNNVD-201205-032date:2012-05-03T00:00:00
db:NVDid:CVE-2011-2586date:2012-05-02T10:09:21.237