CVE-2012-4658

Cisco IOS <15.1(1)SY3 - DoS

Title source: llm

Description

The ios-authproxy implementation in Cisco IOS before 15.1(1)SY3 allows remote attackers to cause a denial of service (webauth and HTTP service outage) via vectors that trigger incorrectly terminated HTTP sessions, aka Bug ID CSCtz99447.

References (1)

[Vendor Advisory] http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf

Scores

EPSS 0.0040

EPSS Percentile 60.4%

Classification

CWE

CWE-287

Status draft

Affected Products (4)

cisco/ios < 15.1\(1\)sy2

cisco/ios

Timeline

Published Apr 23, 2014

Tracked Since Feb 18, 2026