Details of VAR-201209-0395

ID

VAR-201209-0395

CVE

CVE-2012-3919

TITLE

plural Cisco Used in products Cisco ACE Service disruption in modules (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-004410

DESCRIPTION

The Cisco Application Control Engine (ACE) module 3.0 for Cisco Catalyst switches and Cisco routers does not properly monitor Load Balancer (LB) queues, which allows remote attackers to cause a denial of service (incorrect memory access and module reboot) via application traffic, aka Bug ID CSCtw70879. The problem is Bug ID CSCtw70879 It is a problem.Service disruption via application traffic by a third party ( Incorrect memory access and module restart ) There is a possibility of being put into a state. Application Control Engine Module is prone to a denial-of-service vulnerability. Cisco Catalyst is a series of commercial grade switches distributed and maintained by CISCO Corporation

Trust: 2.07

sources: NVD: CVE-2012-3919 // JVNDB: JVNDB-2012-004410 // BID: 78144 // VULHUB: VHN-57200 // VULMON: CVE-2012-3919

AFFECTED PRODUCTS

vendor:	cisco	model:	application control engine module	scope:	eq	version:	3.0	Trust: 2.5
vendor:	cisco	model:	application control engine module	scope:	eq	version:	3.0.1	Trust: 0.3

sources: VULMON: CVE-2012-3919 // BID: 78144 // JVNDB: JVNDB-2012-004410 // CNNVD: CNNVD-201209-361 // NVD: CVE-2012-3919

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-3919
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2012-3919
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201209-361
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-57200
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2012-3919
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2012-3919
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-57200
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-57200 // VULMON: CVE-2012-3919 // JVNDB: JVNDB-2012-004410 // CNNVD: CNNVD-201209-361 // NVD: CVE-2012-3919

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-57200 // JVNDB: JVNDB-2012-004410 // NVD: CVE-2012-3919

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201209-361

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201209-361

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-004410

PATCH

title:	Release Note vA2(3.x), Cisco ACE Application Control Engine Module	url:	http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/vA2_3_x/Release/Note/RACEA2_3_X.html	Trust: 0.8
title:	VMware Security Advisories: VMware ESX updates to ESX Service Console	url:	https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories&qid=1459f8d3f5c5308900d206366452e07d	Trust: 0.1

sources: VULMON: CVE-2012-3919 // JVNDB: JVNDB-2012-004410

EXTERNAL IDS

db:	NVD	id:	CVE-2012-3919	Trust: 2.9
db:	JVNDB	id:	JVNDB-2012-004410	Trust: 0.8
db:	CNNVD	id:	CNNVD-201209-361	Trust: 0.7
db:	BID	id:	78144	Trust: 0.5
db:	XF	id:	78808	Trust: 0.3
db:	VULHUB	id:	VHN-57200	Trust: 0.1
db:	VULMON	id:	CVE-2012-3919	Trust: 0.1

sources: VULHUB: VHN-57200 // VULMON: CVE-2012-3919 // BID: 78144 // JVNDB: JVNDB-2012-004410 // CNNVD: CNNVD-201209-361 // NVD: CVE-2012-3919

REFERENCES

url:	http://www.cisco.com/en/us/docs/interfaces_modules/services_modules/ace/va2_3_x/release/note/racea2_3_x.html	Trust: 2.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/78808	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3919	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3919	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/78808	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/399.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.securityfocus.com/bid/78144	Trust: 0.1
url:	https://www.vmware.com/security/advisories/vmsa-2012-0008.html	Trust: 0.1

sources: VULHUB: VHN-57200 // VULMON: CVE-2012-3919 // BID: 78144 // JVNDB: JVNDB-2012-004410 // CNNVD: CNNVD-201209-361 // NVD: CVE-2012-3919

CREDITS

Unknown

Trust: 0.3

sources: BID: 78144

SOURCES

db:	VULHUB	id:	VHN-57200
db:	VULMON	id:	CVE-2012-3919
db:	BID	id:	78144
db:	JVNDB	id:	JVNDB-2012-004410
db:	CNNVD	id:	CNNVD-201209-361
db:	NVD	id:	CVE-2012-3919

LAST UPDATE DATE

2025-04-11T23:04:11.952000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-57200	date:	2017-08-29T00:00:00
db:	VULMON	id:	CVE-2012-3919	date:	2017-08-29T00:00:00
db:	BID	id:	78144	date:	2012-09-16T00:00:00
db:	JVNDB	id:	JVNDB-2012-004410	date:	2012-09-18T00:00:00
db:	CNNVD	id:	CNNVD-201209-361	date:	2012-09-19T00:00:00
db:	NVD	id:	CVE-2012-3919	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-57200	date:	2012-09-16T00:00:00
db:	VULMON	id:	CVE-2012-3919	date:	2012-09-16T00:00:00
db:	BID	id:	78144	date:	2012-09-16T00:00:00
db:	JVNDB	id:	JVNDB-2012-004410	date:	2012-09-18T00:00:00
db:	CNNVD	id:	CNNVD-201209-361	date:	2012-09-19T00:00:00
db:	NVD	id:	CVE-2012-3919	date:	2012-09-16T10:34:51.330