CVE-2011-2059
Severity CVSS v4.0:
Pending analysis
Type:
CWE-200
Information Leak / Disclosure
Publication date:
22/10/2011
Last modified:
11/04/2025
Description
The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension header (EH) with a 0x0c01050c value in the PadN option data, aka Bug ID CSCtq02219.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:* | 15.1\(4\)m1.3 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://blogs.cisco.com/security/1999tcp-redux-the-ipv6-flavor
- http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=36606&signatureSubId=0
- http://blogs.cisco.com/security/1999tcp-redux-the-ipv6-flavor
- http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=36606&signatureSubId=0