CVE-2011-2059

The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension header (EH) with a 0x0c01050c value in the PadN option data, aka Bug ID CSCtq02219.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
ciscoios
𝑥
< 15.1\(4\)m1.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://blogs.cisco.com/security/1999tcp-redux-the-ipv6-flavor
http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=36606&signatureSubId=0
http://blogs.cisco.com/security/1999tcp-redux-the-ipv6-flavor
http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=36606&signatureSubId=0