CVE-2012-5723

Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.1 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:N/I:N/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 40%
VendorProductVersion
ciscoios_xe
𝑥
≤ 3.7s\(.1\)
ciscoios_xe
3.6.0s:s
ciscoios_xe
3.6.1s:s
ciscoios_xe
3.6.2s:s
ciscoios_xe
3.6s\(.0\):s
ciscoios_xe
3.6s\(.1\):s
ciscoios_xe
3.6s\(.2\):s
ciscoios_xe
3.7.0s:s
ciscoios_xe
3.7.1s:s
ciscoios_xe
3.7.2s:s
ciscoios_xe
3.7s\(.0\):s
ciscoasr_1001
-
ciscoasr_1002
-
ciscoasr_1002-x
-
ciscoasr_1002_fixed_router
-
ciscoasr_1004
-
ciscoasr_1006
-
ciscoasr_1013
-
ciscoasr_1023_router
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.cisco.com/c/en/us/td/docs/routers/asr1000/release/notes/asr1k_rn_rel_notes/asr1k_caveats_38s.html
http://www.cisco.com/c/en/us/td/docs/routers/asr1000/release/notes/asr1k_rn_rel_notes/asr1k_caveats_38s.html