Strix
26.1K

CVE-2007-2813

UnknownEPSS 3.41%

Last modified

CVE-2007-2813 is a vulnerability of currently unknown severity. Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session.. EPSS estimates a 3.41% chance of exploitation in the next 30 days.

Description

Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session.

Metrics

EPSS Probability
3.41%

87.4th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
CiscoIos Transmission Control Protocol12.0t
CiscoIos Transmission Control Protocol12.0wc
CiscoIos Transmission Control Protocol12.0xe
CiscoIos Transmission Control Protocol12.0xh
CiscoIos Transmission Control Protocol12.0xi
CiscoIos Transmission Control Protocol12.0xk
CiscoIos Transmission Control Protocol12.0xl
CiscoIos Transmission Control Protocol12.0xn
CiscoIos Transmission Control Protocol12.0xq
CiscoIos Transmission Control Protocol12.0xr
CiscoIos Transmission Control Protocol12.0xv
CiscoIos Transmission Control Protocol12.1
CiscoIos Transmission Control Protocol12.1ay
CiscoIos Transmission Control Protocol12.1cx
CiscoIos Transmission Control Protocol12.1e
CiscoIos Transmission Control Protocol12.1ea
CiscoIos Transmission Control Protocol12.1eb
CiscoIos Transmission Control Protocol12.1ec
CiscoIos Transmission Control Protocol12.1ew
CiscoIos Transmission Control Protocol12.1ex
CiscoIos Transmission Control Protocol12.1ey
CiscoIos Transmission Control Protocol12.1t
CiscoIos Transmission Control Protocol12.1xc
CiscoIos Transmission Control Protocol12.1xd
CiscoIos Transmission Control Protocol12.1xf
CiscoIos Transmission Control Protocol12.1xg
CiscoIos Transmission Control Protocol12.1xh
CiscoIos Transmission Control Protocol12.1xi
CiscoIos Transmission Control Protocol12.1xj
CiscoIos Transmission Control Protocol12.1xl
CiscoIos Transmission Control Protocol12.1xm
CiscoIos Transmission Control Protocol12.1xp
CiscoIos Transmission Control Protocol12.1xq
CiscoIos Transmission Control Protocol12.1xt
CiscoIos Transmission Control Protocol12.1xu
CiscoIos Transmission Control Protocol12.1yb
CiscoIos Transmission Control Protocol12.1yc
CiscoIos Transmission Control Protocol12.1yd
CiscoIos Transmission Control Protocol12.1ye
CiscoIos Transmission Control Protocol12.1yf
CiscoIos Transmission Control Protocol12.1yi
CiscoIos Transmission Control Protocol12.2
CiscoIos Transmission Control Protocol12.2b
CiscoIos Transmission Control Protocol12.2bc
CiscoIos Transmission Control Protocol12.2bw
CiscoIos Transmission Control Protocol12.2by
CiscoIos Transmission Control Protocol12.2bz
CiscoIos Transmission Control Protocol12.2cx
CiscoIos Transmission Control Protocol12.2cy
CiscoIos Transmission Control Protocol12.2cz

Showing 50 of 188 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2007-2813?
Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session.
How severe is CVE-2007-2813?
Severity scoring for CVE-2007-2813 is pending analysis. The EPSS model estimates a 3.41% probability of exploitation in the next 30 days.
How do I fix CVE-2007-2813?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-2813?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST