CVE-2011-1651 - Vulnerability Details - OpenCVE

Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Ios Xr

Configuration 1 [-]

OR	cpe:2.3:o:cisco:ios_xr:3.0:::::::*
	cpe:2.3:o:cisco:ios_xr:3.9.0:::::::*
	cpe:2.3:o:cisco:ios_xr:3.9.1:::::::*
	cpe:2.3:o:cisco:ios_xr:3.9.2:::::::*
	cpe:2.3:o:cisco:ios_xr:4.0.0:::::::*
	cpe:2.3:o:cisco:ios_xr:4.0.1:::::::*
	cpe:2.3:o:cisco:ios_xr:4.0.2:::::::*
	cpe:2.3:o:cisco:ios_xr:4.1:::::::*

No data.

References

Link	Providers
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f191.shtml
http://www.securitytracker.com/id?1025567

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2011-05-31T20:00:00

Updated: 2024-08-06T22:37:24.519Z

Reserved: 2011-04-05T00:00:00

Link: CVE-2011-1651

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2011-05-31T20:55:02.890

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-1651

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-05-25T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-09-07T09:00:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1025567", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1025567"}, {"name": "20110525 Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f191.shtml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2011-1651", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1025567", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1025567"}, {"name": "20110525 Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f191.shtml"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:37:24.519Z"}, "title": "CVE Program Container", "references": [{"name": "1025567", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1025567"}, {"name": "20110525 Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f191.shtml"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2011-1651", "datePublished": "2011-05-31T20:00:00", "dateReserved": "2011-04-05T00:00:00", "dateUpdated": "2024-08-06T22:37:24.519Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xr:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "904CA41E-8168-41DE-AE84-941962A7BB71", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "1ECAB9C3-9248-4663-ABAE-31FFC969EF3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "10596213-9D2B-48A3-A733-744D41E90419", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A07DCCD1-85D5-4ED2-B845-8C6EAC7E9D9B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F57421B-F54C-4C50-8B25-AF787E541C5A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3A865225-6AEA-430D-8DB6-E70F7ED5E547", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5DA73AC0-1CD2-4B6B-940A-DBB0C97E2C09", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "06E63681-C89F-4569-A52C-B870D48E436C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095."}, {"lang": "es", "value": "Cisco IOS XR 3.9.x y 4.0.x anteriores a 4.0.3 y 4.1.x anteriores a 4.1.1, si el procesador de interfaz SPA est\u00e1 instalado, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) a trav\u00e9s de un paquete IPv4 modificado. Tambi\u00e9n conocido como Bug ID CSCto45095."}], "id": "CVE-2011-1651", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-05-31T20:55:02.890", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f191.shtml"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id?1025567"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f191.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1025567"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}