Strix
26.1K

CVE-2006-0340

UnknownEPSS 2.67%

Last modified

CVE-2006-0340 is a vulnerability of currently unknown severity. Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900.. EPSS estimates a 2.67% chance of exploitation in the next 30 days.

Description

Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900.

Metrics

EPSS Probability
2.67%

83.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoIos12.0
CiscoIos12.0s
CiscoIos12.0sc
CiscoIos12.0t
CiscoIos12.0xa
CiscoIos12.0xc
CiscoIos12.0xd
CiscoIos12.0xe
CiscoIos12.0xg
CiscoIos12.0xh
CiscoIos12.0xi
CiscoIos12.0xj
CiscoIos12.0xk
CiscoIos12.0xl
CiscoIos12.0xn
CiscoIos12.0xr
CiscoIos12.1
CiscoIos12.1aa
CiscoIos12.1e
CiscoIos12.1ec
CiscoIos12.1ex
CiscoIos12.1ez
CiscoIos12.1ga
CiscoIos12.1gb
CiscoIos12.1t
CiscoIos12.1xa
CiscoIos12.1xd
CiscoIos12.1xh
CiscoIos12.1xi
CiscoIos12.1xl
CiscoIos12.1xm
CiscoIos12.1xq
CiscoIos12.1xs
CiscoIos12.1xu
CiscoIos12.1xw
CiscoIos12.1xx
CiscoIos12.1xy
CiscoIos12.1xz
CiscoIos12.1ya
CiscoIos12.1yb
CiscoIos12.1yd
CiscoIos12.2
CiscoIos12.2b
CiscoIos12.2bc
CiscoIos12.2bw
CiscoIos12.2by
CiscoIos12.2cx
CiscoIos12.2dd
CiscoIos12.2dx
CiscoIos12.2mc

Showing 50 of 108 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2006-0340?
Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900.
How severe is CVE-2006-0340?
Severity scoring for CVE-2006-0340 is pending analysis. The EPSS model estimates a 2.67% probability of exploitation in the next 30 days.
How do I fix CVE-2006-0340?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-0340?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST