First published: Sun Sep 16 2012(Updated: )
The updateTime function in sensorApp on Cisco IPS 4200 series sensors 7.0 and 7.1 allows remote attackers to cause a denial of service (process crash and traffic-inspection outage) via network traffic, aka Bug ID CSCta96144.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Intrusion Prevention System | =7.0 | |
Cisco Intrusion Prevention System | =7.1 | |
Cisco IPS Sensor Software | ||
Cisco IPS 4250 | ||
Cisco IPS Sensor Software | ||
Cisco IPS Sensor Software | ||
Cisco IPS 4270-20 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2012-3901 is classified as a denial of service vulnerability that can lead to a process crash and loss of traffic inspection.
To mitigate CVE-2012-3901, it is recommended to upgrade to the latest version of Cisco Intrusion Prevention System software available.
CVE-2012-3901 affects Cisco IPS 4200 series sensors versions 7.0 and 7.1, along with associated Cisco IPS software.
Exploitation of CVE-2012-3901 can result in a denial of service, causing critical network traffic inspection outages.
CVE-2012-3901 can be exploited by remote attackers through specially crafted network traffic.