Detections
Analytics

Cisco IOS Clientless SSL VPN DoS

low Nessus Plugin ID 61576

Language:

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The remote Cisco IOS device is configured for clientless SSL VPN. It is, therefore, affected by a denial of service vulnerability due to an unspecified flaw that causes a device reload when using a web browser to refresh the SSL VPN portal page. A remote, authenticated attacker can exploit this to cause a denial of service.

Solution

Contact Cisco for updated software.

See Also

https://tools.cisco.com/security/center/viewAlert.x?alertId=26602

Plugin Details

Severity: Low

ID: 61576

File Name: cisco_ios_CSCtr86328.nasl

Version: 1.11

Type: local

Family: CISCO

Published: 8/17/2012

Updated: 12/4/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Low

Base Score: 3.5

Temporal Score: 2.6

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P

CVSS Score Source: CVE-2012-1344

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 8/10/2012

Vulnerability Publication Date: 8/10/2012

Reference Information

CVE: CVE-2012-1344

BID: 54835

CISCO-BUG-ID: CSCtr86328