CVE-2010-2836

Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections that remain in the CLOSE-WAIT state, aka Bug ID CSCtg21685.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 61%
VendorProductVersion
ciscoios
12.4
ciscoios
12.4gc:gc
ciscoios
12.4mda:mda
ciscoios
12.4mr:mr
ciscoios
12.4mra:mra
ciscoios
12.4sw:sw
ciscoios
12.4xa:xa
ciscoios
12.4xb:xb
ciscoios
12.4xc:xc
ciscoios
12.4xd:xd
ciscoios
12.4xe:xe
ciscoios
12.4xf:xf
ciscoios
12.4xg:xg
ciscoios
12.4xj:xj
ciscoios
12.4xk:xk
ciscoios
12.4xl:xl
ciscoios
12.4xm:xm
ciscoios
12.4xn:xn
ciscoios
12.4xp:xp
ciscoios
12.4xt:xt
ciscoios
12.4xv:xv
ciscoios
12.4xw:xw
ciscoios
12.4xy:xy
ciscoios
12.4xz:xz
ciscoios
12.4ya:ya
ciscoios
12.4yb:yb
ciscoios
12.4yd:yd
ciscoios
15.0m:m
ciscoios
15.0xa:xa
ciscoios
15.1\(1\)xb1
ciscoios
15.1t:t
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a312.shtml
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a312.shtml