Details of VAR-201404-0039

ID

VAR-201404-0039

CVE

CVE-2012-3918

TITLE

Cisco 2900 Run on device Cisco IOS Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-006194

DESCRIPTION

Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317. Vendors have confirmed this vulnerability Bug ID CSCub13317 It is released as.By a third party Frame Relay Service disruption through traffic ( Stop serial interface ) There is a possibility of being put into a state. IOS is prone to a denial-of-service vulnerability. A security vulnerability exists in Cisco IOS releases prior to 15.3(1)T on Cisco 2900 devices

Trust: 1.98

sources: NVD: CVE-2012-3918 // JVNDB: JVNDB-2012-006194 // BID: 78130 // VULHUB: VHN-57199

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	15.3	Trust: 1.9
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)m1	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.3s	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(2\)s	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)m	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)s	Trust: 1.6
vendor:	cisco	model:	catalyst 2900 vlan	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	ios	scope:	lte	version:	15.3\(3\)m2	Trust: 1.0
vendor:	cisco	model:	catalyst 2900	scope:	eq	version:	xl	Trust: 1.0
vendor:	cisco	model:	catalyst 2900	scope:	eq	version:	lre_xl	Trust: 1.0
vendor:	cisco	model:	catalyst 2900xl	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	catalyst 2900	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	catalyst 2900 xl series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 2900 series	scope:	eq	version:	none	Trust: 0.8
vendor:	cisco	model:	catalyst 2900 series	scope:	eq	version:	lre xl	Trust: 0.8
vendor:	cisco	model:	catalyst 2900 series	scope:	eq	version:	xl	Trust: 0.8
vendor:	cisco	model:	catalyst 2900 series vlan	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios	scope:	lt	version:	15.3(1)t	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	15.3\(3\)m2	Trust: 0.6
vendor:	cisco	model:	ios 15.3 s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	catalyst xl	scope:	eq	version:	2900	Trust: 0.3
vendor:	cisco	model:	catalyst lre xl	scope:	eq	version:	2900	Trust: 0.3
vendor:	cisco	model:	catalyst	scope:	eq	version:	2900	Trust: 0.3

sources: BID: 78130 // JVNDB: JVNDB-2012-006194 // CNNVD: CNNVD-201404-450 // NVD: CVE-2012-3918

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-3918
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2012-3918
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201404-450
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-57199
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2012-3918
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-57199
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-57199 // JVNDB: JVNDB-2012-006194 // CNNVD: CNNVD-201404-450 // NVD: CVE-2012-3918

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2012-3918

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201404-450

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201404-450

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-006194

PATCH

title:

Release Notes for Cisco IOS Release 15.3M&T

url:

http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf

Trust: 0.8

sources: JVNDB: JVNDB-2012-006194

EXTERNAL IDS

db:	NVD	id:	CVE-2012-3918	Trust: 2.8
db:	JVNDB	id:	JVNDB-2012-006194	Trust: 0.8
db:	CNNVD	id:	CNNVD-201404-450	Trust: 0.6
db:	BID	id:	78130	Trust: 0.4
db:	VULHUB	id:	VHN-57199	Trust: 0.1

sources: VULHUB: VHN-57199 // BID: 78130 // JVNDB: JVNDB-2012-006194 // CNNVD: CNNVD-201404-450 // NVD: CVE-2012-3918

REFERENCES

url:	http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf	Trust: 2.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3918	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3918	Trust: 0.8

sources: VULHUB: VHN-57199 // BID: 78130 // JVNDB: JVNDB-2012-006194 // CNNVD: CNNVD-201404-450 // NVD: CVE-2012-3918

CREDITS

Unknown

Trust: 0.3

sources: BID: 78130

SOURCES

db:	VULHUB	id:	VHN-57199
db:	BID	id:	78130
db:	JVNDB	id:	JVNDB-2012-006194
db:	CNNVD	id:	CNNVD-201404-450
db:	NVD	id:	CVE-2012-3918

LAST UPDATE DATE

2024-08-14T14:27:54.480000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-57199	date:	2014-04-23T00:00:00
db:	BID	id:	78130	date:	2014-04-23T00:00:00
db:	JVNDB	id:	JVNDB-2012-006194	date:	2014-04-24T00:00:00
db:	CNNVD	id:	CNNVD-201404-450	date:	2014-04-25T00:00:00
db:	NVD	id:	CVE-2012-3918	date:	2014-04-23T14:42:02.747

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-57199	date:	2014-04-23T00:00:00
db:	BID	id:	78130	date:	2014-04-23T00:00:00
db:	JVNDB	id:	JVNDB-2012-006194	date:	2014-04-24T00:00:00
db:	CNNVD	id:	CNNVD-201404-450	date:	2014-04-25T00:00:00
db:	NVD	id:	CVE-2012-3918	date:	2014-04-23T11:52:59.073