CVE-2011-4007

Cisco IOS 15.0-15.1 and IOS XE 3.x - Denial of Service via MPLS Experimental Imposition Command

Title source: llm
STIX 2.1

Description

Cisco IOS 15.0 and 15.1 and IOS XE 3.x do not properly handle the "set mpls experimental imposition" command, which allows remote attackers to cause a denial of service (device crash) via network traffic that triggers (1) fragmentation or (2) reassembly, aka Bug ID CSCtr56576.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1027005

Scores

EPSS 0.0120
EPSS Percentile 64.6%

Details

CWE
CWE-20
Status published
Products (21)
cisco/ios 15.0
cisco/ios 15.1
cisco/ios_xe 3.1.0s
cisco/ios_xe 3.1.0sg
cisco/ios_xe 3.1.1s
cisco/ios_xe 3.1.1sg
cisco/ios_xe 3.1.2s
cisco/ios_xe 3.1.3s
cisco/ios_xe 3.1.4s
cisco/ios_xe 3.2.0s
... and 11 more
Published May 02, 2012
Tracked Since Feb 18, 2026