ID
VAR-201209-0198
CVE
CVE-2012-4620
TITLE
Cisco 10000 Runs on a series router Cisco IOS Service disruption in (DoS) Vulnerabilities
Trust: 0.8
DESCRIPTION
Cisco IOS 12.2 and 15.0 through 15.2 on Cisco 10000 series routers, when a tunnel interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via tunneled (1) GRE/IP, (2) IPIP, or (3) IPv6 in IPv4 packets, aka Bug ID CSCts66808. Cisco IOS is a popular Internet operating system. As a result, some packets cannot be deleted in the queue. , causing a denial of service attack. This Cisco bug ID is CSCts66808. An attacker can exploit this issue to consume all available space in the affected interface queue, resulting in a queue wedge which may prevent new packets from being processed
Trust: 2.52
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | cisco | model: | ios | scope: | eq | version: | 12.2 | Trust: 3.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.2 | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.0 | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.0\(1\)se | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1 | Trust: 1.6 |
| vendor: | cisco | model: | 10008 router | scope: | eq | version: | * | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.0 to 15.2 | Trust: 0.8 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.0-15.2 | Trust: 0.6 |
| vendor: | cisco | model: | 10008 router | scope: | - | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ios 12.2 src1 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 src | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 sb8 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 sb6 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 sb5 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 sb4 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 sb3 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 sb2 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 sb10 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 sb1 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 sb | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 srd6 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 srd3 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 srd2 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 srd1 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 src5 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 src4 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 src3 | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 12.2 src2 | scope: | ne | version: | - | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-399 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
resource management error
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | cisco-sa-20120926-c10k-tunnels | url: | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-c10k-tunnels | Trust: 0.8 |
| title: | cisco-sa-20120926-c10k-tunnels | url: | http://www.cisco.com/cisco/web/support/JP/111/1116/1116602_cisco-sa-20120926-c10k-tunnels-j.html | Trust: 0.8 |
| title: | Patch for Cisco IOS Queue Wedge Denial of Service Vulnerability (CNVD-2012-5490) | url: | https://www.cnvd.org.cn/patchInfo/show/23323 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2012-4620 | Trust: 3.4 |
| db: | BID | id: | 55696 | Trust: 1.4 |
| db: | SECTRACK | id: | 1027578 | Trust: 1.1 |
| db: | JVNDB | id: | JVNDB-2012-004642 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201209-613 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2012-5490 | Trust: 0.6 |
| db: | NSFOCUS | id: | 20886 | Trust: 0.6 |
| db: | CISCO | id: | 20120926 CISCO IOS SOFTWARE TUNNELED TRAFFIC QUEUE WEDGE VULNERABILITY | Trust: 0.6 |
| db: | VULHUB | id: | VHN-57901 | Trust: 0.1 |
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120926-c10k-tunnels | Trust: 2.6 |
| url: | http://www.securityfocus.com/bid/55696 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id?1027578 | Trust: 1.1 |
| url: | https://exchange.xforce.ibmcloud.com/vulnerabilities/78883 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4620 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4620 | Trust: 0.8 |
| url: | http://www.nsfocus.net/vulndb/20886 | Trust: 0.6 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
| url: | http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html | Trust: 0.3 |
CREDITS
Cisco
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2012-5490 |
| db: | VULHUB | id: | VHN-57901 |
| db: | BID | id: | 55696 |
| db: | JVNDB | id: | JVNDB-2012-004642 |
| db: | CNNVD | id: | CNNVD-201209-613 |
| db: | NVD | id: | CVE-2012-4620 |
LAST UPDATE DATE
2025-04-11T23:03:02.169000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2012-5490 | date: | 2012-09-28T00:00:00 |
| db: | VULHUB | id: | VHN-57901 | date: | 2017-08-29T00:00:00 |
| db: | BID | id: | 55696 | date: | 2012-09-26T00:00:00 |
| db: | JVNDB | id: | JVNDB-2012-004642 | date: | 2012-09-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-201209-613 | date: | 2012-09-27T00:00:00 |
| db: | NVD | id: | CVE-2012-4620 | date: | 2025-04-11T00:51:21.963 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2012-5490 | date: | 2012-09-28T00:00:00 |
| db: | VULHUB | id: | VHN-57901 | date: | 2012-09-27T00:00:00 |
| db: | BID | id: | 55696 | date: | 2012-09-26T00:00:00 |
| db: | JVNDB | id: | JVNDB-2012-004642 | date: | 2012-09-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-201209-613 | date: | 2012-09-27T00:00:00 |
| db: | NVD | id: | CVE-2012-4620 | date: | 2012-09-27T00:55:01.047 |