Strix
26.1K

CVE-2010-0577

UnknownEPSS 2.51%

Last modified

CVE-2010-0577 is a vulnerability of currently unknown severity. Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186.. EPSS estimates a 2.51% chance of exploitation in the next 30 days.

Description

Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186.

Metrics

EPSS Probability
2.51%

82.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoIos12.2b
CiscoIos12.2bc
CiscoIos12.2bx
CiscoIos12.2by
CiscoIos12.2bz
CiscoIos12.2cx
CiscoIos12.2cy
CiscoIos12.2cz
CiscoIos12.2jx
CiscoIos12.2mc
CiscoIos12.2t
CiscoIos12.2tpc
CiscoIos12.2xj
CiscoIos12.2xk
CiscoIos12.2xl
CiscoIos12.2xm
CiscoIos12.2xr
CiscoIos12.2xw
CiscoIos12.2ya
CiscoIos12.2yb
CiscoIos12.2yd
CiscoIos12.2yf
CiscoIos12.2yg
CiscoIos12.2yh
CiscoIos12.2yj
CiscoIos12.2yl
CiscoIos12.2ym
CiscoIos12.2yn
CiscoIos12.2yp
CiscoIos12.2yq
CiscoIos12.2yr
CiscoIos12.2yt
CiscoIos12.2yu
CiscoIos12.2yv
CiscoIos12.2yw
CiscoIos12.2yy
CiscoIos12.2zb
CiscoIos12.2zc
CiscoIos12.2zd
CiscoIos12.2ze
CiscoIos12.2zf
CiscoIos12.2zg
CiscoIos12.2zh
CiscoIos12.2zj
CiscoIos12.2zl
CiscoIos12.2zp
CiscoIos12.3
CiscoIos12.3b
CiscoIos12.3bc
CiscoIos12.3bw

Showing 50 of 136 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2010-0577?
Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186.
How severe is CVE-2010-0577?
Severity scoring for CVE-2010-0577 is pending analysis. The EPSS model estimates a 2.51% probability of exploitation in the next 30 days.
How do I fix CVE-2010-0577?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2010-0577?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST