Strix
26.1K

CVE-2005-1021

UnknownEPSS 1.83%

Last modified

CVE-2005-1021 is a vulnerability of currently unknown severity. Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password.. EPSS estimates a 1.83% chance of exploitation in the next 30 days.

Description

Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password.

Metrics

EPSS Probability
1.83%

76.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoIos12.0s
CiscoIos12.0sx
CiscoIos12.1ax
CiscoIos12.1az
CiscoIos12.1db
CiscoIos12.1dc
CiscoIos12.1e
CiscoIos12.1ea
CiscoIos12.1eb
CiscoIos12.1ec
CiscoIos12.1eu
CiscoIos12.1ew
CiscoIos12.1ex
CiscoIos12.1t
CiscoIos12.1xd
CiscoIos12.1xe
CiscoIos12.1xf
CiscoIos12.1xg
CiscoIos12.1xh
CiscoIos12.1xi
CiscoIos12.1xl
CiscoIos12.1xm
CiscoIos12.1xp
CiscoIos12.1xq
CiscoIos12.1xr
CiscoIos12.1xt
CiscoIos12.1xu
CiscoIos12.1xv
CiscoIos12.1ya
CiscoIos12.1yb
CiscoIos12.1yc
CiscoIos12.1yd
CiscoIos12.1ye
CiscoIos12.1yf
CiscoIos12.1yh
CiscoIos12.1yi
CiscoIos12.2
CiscoIos12.2b
CiscoIos12.2dd
CiscoIos12.2dx
CiscoIos12.2eu
CiscoIos12.2ew
CiscoIos12.2ewa
CiscoIos12.2ex
CiscoIos12.2s
CiscoIos12.2se
CiscoIos12.2sea
CiscoIos12.2seb
CiscoIos12.2su
CiscoIos12.2sv

Showing 50 of 93 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2005-1021?
Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password.
How severe is CVE-2005-1021?
Severity scoring for CVE-2005-1021 is pending analysis. The EPSS model estimates a 1.83% probability of exploitation in the next 30 days.
How do I fix CVE-2005-1021?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2005-1021?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST