Details of VAR-201404-0026

ID

VAR-201404-0026

CVE

CVE-2012-3062

TITLE

Cisco IOS Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-006193

DESCRIPTION

Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. IOS is prone to a denial-of-service vulnerability. A security vulnerability exists in Cisco IOS Release 15.1

Trust: 2.52

sources: NVD: CVE-2012-3062 // JVNDB: JVNDB-2012-006193 // CNVD: CNVD-2014-02642 // BID: 78178 // VULHUB: VHN-56343

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-02642

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	15.1	Trust: 2.5
vendor:	cisco	model:	ios	scope:	lt	version:	15.1(1)sy	Trust: 0.8

sources: CNVD: CNVD-2014-02642 // BID: 78178 // JVNDB: JVNDB-2012-006193 // CNNVD: CNNVD-201404-449 // NVD: CVE-2012-3062

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-3062
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2012-3062
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2014-02642
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201404-449
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-56343
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2012-3062
severity:	MEDIUM
baseScore:	5.7
vectorString:	AV:A/AC:M/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	5.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2014-02642
severity:	MEDIUM
baseScore:	5.7
vectorString:	AV:A/AC:M/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	5.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-56343
severity:	MEDIUM
baseScore:	5.7
vectorString:	AV:A/AC:M/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	5.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2014-02642 // VULHUB: VHN-56343 // JVNDB: JVNDB-2012-006193 // CNNVD: CNNVD-201404-449 // NVD: CVE-2012-3062

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-56343 // JVNDB: JVNDB-2012-006193 // NVD: CVE-2012-3062

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201404-449

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201404-449

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-006193

PATCH

title:	Release Notes for Cisco IOS Release 15.1SY	url:	http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf	Trust: 0.8
title:	Patch for Cisco IOS Denial of Service Vulnerability (CNVD-2014-02642)	url:	https://www.cnvd.org.cn/patchInfo/show/45177	Trust: 0.6

sources: CNVD: CNVD-2014-02642 // JVNDB: JVNDB-2012-006193

EXTERNAL IDS

db:	NVD	id:	CVE-2012-3062	Trust: 3.4
db:	JVNDB	id:	JVNDB-2012-006193	Trust: 0.8
db:	CNVD	id:	CNVD-2014-02642	Trust: 0.6
db:	CNNVD	id:	CNNVD-201404-449	Trust: 0.6
db:	BID	id:	78178	Trust: 0.4
db:	VULHUB	id:	VHN-56343	Trust: 0.1

sources: CNVD: CNVD-2014-02642 // VULHUB: VHN-56343 // BID: 78178 // JVNDB: JVNDB-2012-006193 // CNNVD: CNNVD-201404-449 // NVD: CVE-2012-3062

REFERENCES

url:	http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1sy/release_notes.pdf	Trust: 2.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3062	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3062	Trust: 0.8

sources: CNVD: CNVD-2014-02642 // VULHUB: VHN-56343 // BID: 78178 // JVNDB: JVNDB-2012-006193 // CNNVD: CNNVD-201404-449 // NVD: CVE-2012-3062

CREDITS

Unknown

Trust: 0.3

sources: BID: 78178

SOURCES

db:	CNVD	id:	CNVD-2014-02642
db:	VULHUB	id:	VHN-56343
db:	BID	id:	78178
db:	JVNDB	id:	JVNDB-2012-006193
db:	CNNVD	id:	CNNVD-201404-449
db:	NVD	id:	CVE-2012-3062

LAST UPDATE DATE

2025-04-12T23:26:00.471000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-02642	date:	2014-04-25T00:00:00
db:	VULHUB	id:	VHN-56343	date:	2014-04-23T00:00:00
db:	BID	id:	78178	date:	2014-04-23T00:00:00
db:	JVNDB	id:	JVNDB-2012-006193	date:	2014-04-24T00:00:00
db:	CNNVD	id:	CNNVD-201404-449	date:	2014-04-25T00:00:00
db:	NVD	id:	CVE-2012-3062	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-02642	date:	2014-04-25T00:00:00
db:	VULHUB	id:	VHN-56343	date:	2014-04-23T00:00:00
db:	BID	id:	78178	date:	2014-04-23T00:00:00
db:	JVNDB	id:	JVNDB-2012-006193	date:	2014-04-24T00:00:00
db:	CNNVD	id:	CNNVD-201404-449	date:	2014-04-25T00:00:00
db:	NVD	id:	CVE-2012-3062	date:	2014-04-23T11:52:59.040