CVE-2011-2395
Severity CVSS v4.0:
Pending analysis
Type:
CWE-16
Configuration Errors
Publication date:
09/06/2011
Last modified:
11/04/2025
Description
The Neighbor Discovery (ND) protocol implementation in Cisco IOS on unspecified switches allows remote attackers to bypass the Router Advertisement Guarding functionality via a fragmented IPv6 packet in which the Router Advertisement (RA) message is contained in the second fragment, as demonstrated by (1) a packet in which the first fragment contains a long Destination Options extension header or (2) a packet in which the first fragment contains an ICMPv6 Echo Request message.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:cisco:ios:4.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:4.1.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:4.1.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:8.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:8.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:9.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:9.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:9.14:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:10.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:10.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:10.3\(3.3\):*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:10.3\(3.4\):*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:10.3\(4.2\):*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:10.3\(4.3\):*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:10.3\(16\):*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://seclists.org/fulldisclosure/2011/May/446
- http://securityreason.com/securityalert/8271
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67940
- http://seclists.org/fulldisclosure/2011/May/446
- http://securityreason.com/securityalert/8271
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67940