CVE-2011-3295
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
02/05/2012
Last modified:
11/04/2025
Description
The NETIO and IPV4_IO processes in Cisco IOS XR 3.8 through 4.1, as used in Cisco Carrier Routing System and other products, allow remote attackers to cause a denial of service (CPU consumption) via crafted network traffic, aka Bug ID CSCti59888.
Impact
Base Score 2.0
7.80
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:cisco:ios_xr:3.8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios_xr:3.8.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios_xr:3.8.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios_xr:3.8.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios_xr:3.8.4:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios_xr:3.9.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios_xr:3.9.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios_xr:3.9.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios_xr:4.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios_xr:4.0.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios_xr:4.0.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios_xr:4.0.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios_xr:4.0.4:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios_xr:4.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www-europe.cisco.com/cisco/software/release.html?mdfid=279879106&reltype=all&relind=AVAILABLE&release=3.9.2&softwareid=280867577&sortparam=7
- http://www.securitytracker.com/id?1027005=
- http://www.securitytracker.com/id?1027006=
- http://www-europe.cisco.com/cisco/software/release.html?mdfid=279879106&reltype=all&relind=AVAILABLE&release=3.9.2&softwareid=280867577&sortparam=7
- http://www.securitytracker.com/id?1027005=
- http://www.securitytracker.com/id?1027006=