Details of VAR-201404-0035

ID

VAR-201404-0035

CVE

CVE-2012-5044

TITLE

Cisco IOS Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-006204

DESCRIPTION

Cisco IOS before 15.3(1)T, when media flow-around is not used, allows remote attackers to cause a denial of service (media loops and stack memory corruption) via VoIP traffic, aka Bug ID CSCub45809. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. IOSMigrate is prone to a denial-of-service vulnerability. A security vulnerability exists in Cisco IOS 15.2(2)T and earlier releases

Trust: 2.52

sources: NVD: CVE-2012-5044 // JVNDB: JVNDB-2012-006204 // CNVD: CNVD-2014-02647 // BID: 78097 // VULHUB: VHN-58325

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-02647

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	lte	version:	15.2\(2\)t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	lt	version:	15.3(1)t	Trust: 0.8
vendor:	cisco	model:	ios 15.3 t	scope:	lte	version:	<=	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)t	Trust: 0.6
vendor:	cisco	model:	iosmigrate 15.2 t	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2014-02647 // BID: 78097 // JVNDB: JVNDB-2012-006204 // CNNVD: CNNVD-201404-461 // NVD: CVE-2012-5044

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-5044
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2012-5044
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2014-02647
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201404-461
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-58325
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2012-5044
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2014-02647
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-58325
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2014-02647 // VULHUB: VHN-58325 // JVNDB: JVNDB-2012-006204 // CNNVD: CNNVD-201404-461 // NVD: CVE-2012-5044

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-58325 // JVNDB: JVNDB-2012-006204 // NVD: CVE-2012-5044

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201404-461

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201404-461

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-006204

PATCH

title:	Release Notes for Cisco IOS Release 15.3M&T	url:	http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf	Trust: 0.8
title:	Patch for Cisco IOS Denial of Service Vulnerability (CNVD-2014-02647)	url:	https://www.cnvd.org.cn/patchInfo/show/45178	Trust: 0.6

sources: CNVD: CNVD-2014-02647 // JVNDB: JVNDB-2012-006204

EXTERNAL IDS

db:	NVD	id:	CVE-2012-5044	Trust: 3.4
db:	JVNDB	id:	JVNDB-2012-006204	Trust: 0.8
db:	CNNVD	id:	CNNVD-201404-461	Trust: 0.7
db:	CNVD	id:	CNVD-2014-02647	Trust: 0.6
db:	BID	id:	78097	Trust: 0.4
db:	VULHUB	id:	VHN-58325	Trust: 0.1

sources: CNVD: CNVD-2014-02647 // VULHUB: VHN-58325 // BID: 78097 // JVNDB: JVNDB-2012-006204 // CNNVD: CNNVD-201404-461 // NVD: CVE-2012-5044

REFERENCES

url:	http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf	Trust: 2.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5044	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5044	Trust: 0.8

sources: CNVD: CNVD-2014-02647 // VULHUB: VHN-58325 // BID: 78097 // JVNDB: JVNDB-2012-006204 // CNNVD: CNNVD-201404-461 // NVD: CVE-2012-5044

CREDITS

Unknown

Trust: 0.3

sources: BID: 78097

SOURCES

db:	CNVD	id:	CNVD-2014-02647
db:	VULHUB	id:	VHN-58325
db:	BID	id:	78097
db:	JVNDB	id:	JVNDB-2012-006204
db:	CNNVD	id:	CNNVD-201404-461
db:	NVD	id:	CVE-2012-5044

LAST UPDATE DATE

2025-04-12T23:28:56.099000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-02647	date:	2014-04-25T00:00:00
db:	VULHUB	id:	VHN-58325	date:	2014-04-23T00:00:00
db:	BID	id:	78097	date:	2014-04-23T00:00:00
db:	JVNDB	id:	JVNDB-2012-006204	date:	2014-04-24T00:00:00
db:	CNNVD	id:	CNNVD-201404-461	date:	2014-04-25T00:00:00
db:	NVD	id:	CVE-2012-5044	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-02647	date:	2014-04-25T00:00:00
db:	VULHUB	id:	VHN-58325	date:	2014-04-23T00:00:00
db:	BID	id:	78097	date:	2014-04-23T00:00:00
db:	JVNDB	id:	JVNDB-2012-006204	date:	2014-04-24T00:00:00
db:	CNNVD	id:	CNNVD-201404-461	date:	2014-04-25T00:00:00
db:	NVD	id:	CVE-2012-5044	date:	2014-04-23T11:52:59.197