PT-2012-3195 · Cisco · Cisco Ios

Published

2012-08-06

Updated

2013-04-02

CVE-2012-1338

CVSS v2.0

6.3

Medium

Vector

AV:N/AC:M/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 15.0 and 15.1 on Catalyst 3560 and 3750 series switches

Description The issue allows remote authenticated users to cause a denial of service, resulting in a device reload, by completing local web authentication quickly.

Recommendations For Cisco IOS versions 15.0 and 15.1, consider implementing rate limiting or slowing down the local web authentication process to prevent quick completion and subsequent denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2012-1338

Affected Products

Cisco Ios

PT-2012-3195 · Cisco · Cisco Ios

CVE-2012-1338

Weakness Enumeration

Related Identifiers

Affected Products

References · 3