CVE-2017-3803

MEDIUM

Cisco IOS 15.2(2)E3 15.2(4)E1 - Unauthenticated Memory Leak and Partial Denial of Service via Forwarding Queue

Title source: llm
STIX 2.1

Description

A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial of service (DoS) condition. More Information: CSCva72252. Known Affected Releases: 15.2(2)E3 15.2(4)E1. Known Fixed Releases: 15.2(2)E6 15.2(4)E3 15.2(5)E1 15.2(5.3.28i)E1 15.2(6.0.49i)E 3.9(1)E.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/95632
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037657

Scores

CVSS v3 4.7
EPSS 0.0056
EPSS Percentile 41.8%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Details

CWE
CWE-772
Status published
Products (3)
cisco/ios 15.2\(2\)e3
cisco/ios 15.2\(4\)e1
n/a/Cisco IOS Cisco IOS
Published Jan 26, 2017
Tracked Since Feb 18, 2026