Sign-up

ID

VAR-201404-0022


CVE

CVE-2012-5427


TITLE

Cisco IOS of Cisco IOS Unified Border Element Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-006206

DESCRIPTION

Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug ID CSCuc42518. The Cisco Unified Border Element optimizes connectivity between enterprise unified communications SIP trunks and public interactive telephony networks. IOS is prone to a denial-of-service vulnerability. Cisco IOS is an operating system developed by Cisco in the United States for its network equipment. A remote attacker can exploit this vulnerability to cause a denial of service with a large number of RTCP packets

Trust: 2.52

sources: NVD: CVE-2012-5427 // JVNDB: JVNDB-2012-006206 // CNVD: CNVD-2014-02671 // BID: 78089 // VULHUB: VHN-58708

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-02671

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:15.3

Trust: 2.5

vendor:ciscomodel:iosscope:lteversion:15.3\(2\)s

Trust: 1.0

vendor:ciscomodel:iosscope:ltversion:15.3(2)t

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:15.3\(2\)s

Trust: 0.6

sources: CNVD: CNVD-2014-02671 // BID: 78089 // JVNDB: JVNDB-2012-006206 // CNNVD: CNNVD-201404-462 // NVD: CVE-2012-5427

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-5427
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-5427
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2014-02671
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201404-462
value: MEDIUM

Trust: 0.6

VULHUB: VHN-58708
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2012-5427
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-02671
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-58708
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2014-02671 // VULHUB: VHN-58708 // JVNDB: JVNDB-2012-006206 // CNNVD: CNNVD-201404-462 // NVD: CVE-2012-5427

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-58708 // JVNDB: JVNDB-2012-006206 // NVD: CVE-2012-5427

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201404-462

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201404-462

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-006206

PATCH
title:Release Notes for Cisco IOS Release 15.3M&Turl:http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf
Trust: 0.8
title:Patch for Cisco IOS Unified Border Element (CUBE) Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/45202
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-02671 // 
            
            
            
            JVNDB: JVNDB-2012-006206

EXTERNAL IDS
db:NVDid:CVE-2012-5427
Trust: 3.4
db:JVNDBid:JVNDB-2012-006206
Trust: 0.8
db:CNNVDid:CNNVD-201404-462
Trust: 0.7
db:CNVDid:CNVD-2014-02671
Trust: 0.6
db:BIDid:78089
Trust: 0.4
db:VULHUBid:VHN-58708
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-02671 // 
            
            
            
            VULHUB: VHN-58708 // 
            
            
            
            BID: 78089 // 
            
            
            
            JVNDB: JVNDB-2012-006206 // 
            
            
            
            CNNVD: CNNVD-201404-462 // 
            
            
            
            NVD: CVE-2012-5427

REFERENCES
url:http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf
Trust: 2.0
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5427
Trust: 1.4
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5427
Trust: 0.8
url:http://www.cisco.com/go/psirt
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-02671 // 
            
            
            
            VULHUB: VHN-58708 // 
            
            
            
            BID: 78089 // 
            
            
            
            JVNDB: JVNDB-2012-006206 // 
            
            
            
            CNNVD: CNNVD-201404-462 // 
            
            
            
            NVD: CVE-2012-5427

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 78089

SOURCES
db:CNVDid:CNVD-2014-02671
db:VULHUBid:VHN-58708
db:BIDid:78089
db:JVNDBid:JVNDB-2012-006206
db:CNNVDid:CNNVD-201404-462
db:NVDid:CVE-2012-5427

LAST UPDATE DATE
2025-04-12T23:00:29.329000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-02671date:2014-04-28T00:00:00
db:VULHUBid:VHN-58708date:2014-04-23T00:00:00
db:BIDid:78089date:2014-04-23T00:00:00
db:JVNDBid:JVNDB-2012-006206date:2014-04-24T00:00:00
db:CNNVDid:CNNVD-201404-462date:2014-04-25T00:00:00
db:NVDid:CVE-2012-5427date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2014-02671date:2014-04-28T00:00:00
db:VULHUBid:VHN-58708date:2014-04-23T00:00:00
db:BIDid:78089date:2014-04-23T00:00:00
db:JVNDBid:JVNDB-2012-006206date:2014-04-24T00:00:00
db:CNNVDid:CNNVD-201404-462date:2014-04-25T00:00:00
db:NVDid:CVE-2012-5427date:2014-04-23T11:52:59.213