CVE Vulnerability

CVE-2007-4285

Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header.

9 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 8.5

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.cisco.com/en/US/products/products_security_advisory09186a0080899647.shtml Patch Vendor Advisory
http://www.securitytracker.com/id?1018542
http://secunia.com/advisories/26359 Vendor Advisory
http://www.vupen.com/english/advisories/2007/2819 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/35906
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5840
Configurations

Configuration 1

cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*
Information

Published : 2007-08-09 09:17

Updated : 2017-09-29 01:29

NVD link : CVE-2007-4285

Mitre link : CVE-2007-4285

Products Affected
No products.
CWE
NVD-CWE-noinfo