CVE-2011-4007
Cisco IOS 15.0-15.1 and IOS XE 3.x - Denial of Service via MPLS Experimental Imposition Command
Title source: llmDescription
Cisco IOS 15.0 and 15.1 and IOS XE 3.x do not properly handle the "set mpls experimental imposition" command, which allows remote attackers to cause a denial of service (device crash) via network traffic that triggers (1) fragmentation or (2) reassembly, aka Bug ID CSCtr56576.
References (2)
Core 2
Core References
Release Notes x_refsource_confirm
http://www.cisco.com/en/US/docs/ios/ios_xe/3/release/notes/asr1k_caveats_33s.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1027005
Scores
EPSS
0.0120
EPSS Percentile
64.6%
Details
CWE
CWE-20
Status
published
Products (21)
cisco/ios
15.0
cisco/ios
15.1
cisco/ios_xe
3.1.0s
cisco/ios_xe
3.1.0sg
cisco/ios_xe
3.1.1s
cisco/ios_xe
3.1.1sg
cisco/ios_xe
3.1.2s
cisco/ios_xe
3.1.3s
cisco/ios_xe
3.1.4s
cisco/ios_xe
3.2.0s
... and 11 more
Published
May 02, 2012
Tracked Since
Feb 18, 2026