CVE-2007-5651

Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet.

CVSS v2.0 7.1 HIGH

7.1^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability : 8.6 / Impact : 6.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/27329
http://www.cisco.com/en/US/products/products_security_response09186a00808de8bb.html
http://www.securityfocus.com/bid/26139
http://www.securitytracker.com/id?1018842
http://www.vupen.com/english/advisories/2007/3566
https://exchange.xforce.ibmcloud.com/vulnerabilities/37300
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5288

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:catos:6.1:::::::*
	cpe:2.3:o:cisco:catos:6.2:::::::*
	cpe:2.3:o:cisco:catos:6.3:::::::*
	cpe:2.3:o:cisco:catos:6.4:::::::*
	cpe:2.3:o:cisco:catos:7.1:::::::*
	cpe:2.3:o:cisco:catos:7.2:::::::*
	cpe:2.3:o:cisco:catos:7.3:::::::*
	cpe:2.3:o:cisco:catos:7.4:::::::*
	cpe:2.3:o:cisco:catos:7.5:::::::*
	cpe:2.3:o:cisco:catos:7.6:::::::*
	cpe:2.3:o:cisco:catos:8.1:::::::*
	cpe:2.3:o:cisco:catos:8.2:::::::*
	cpe:2.3:o:cisco:catos:8.3:::::::*
	cpe:2.3:o:cisco:catos:8.4:::::::*
	cpe:2.3:o:cisco:catos:8.5:::::::*
	cpe:2.3:o:cisco:ios:12.1:::::::*
	cpe:2.3:o:cisco:ios:12.2:::::::*
	cpe:2.3:o:cisco:ios:12.3ja:::::::*
	cpe:2.3:o:cisco:ios:12.3jea:::::::*
	cpe:2.3:o:cisco:ios:12.3jeb:::::::*
	cpe:2.3:o:cisco:ios:12.3jec:::::::*
	cpe:2.3:o:cisco:ios:12.4ja:::::::*

History

No history.

Information

Published : 2007-10-23 21:47

Updated : 2023-12-10 10:40

NVD link : CVE-2007-5651

Mitre link : CVE-2007-5651

CVE.ORG link : CVE-2007-5651

JSON object : View

Products Affected

cisco

ios
catos

CWE

NVD-CWE-noinfo

{"id": "CVE-2007-5651", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-10-23T21:47:00.000", "references": [{"url": "http://secunia.com/advisories/27329", "source": "cve@mitre.org"}, {"url": "http://www.cisco.com/en/US/products/products_security_response09186a00808de8bb.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/26139", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1018842", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/3566", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37300", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5288", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet."}, {"lang": "es", "value": "Vulnerabilidad no especificada en la implementaci\u00f3n Extensible Authentication Protocol (EAP) en Cisco IOS 12.3 y 12.4 sobre Cisco Access Points y 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 y 12.2 sobre Cisco switches (Wired EAP dispositivos), y CatOS 6.x hasta la 8.x sobre Cisco switches permite a atacantes remotos provocar denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de un paquete EAP Response Identity manipulado."}], "lastModified": "2017-09-29T01:29:40.003", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:catos:6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06F049B3-FBE6-4951-896E-B8AE2D7BFBAB"}, {"criteria": "cpe:2.3:o:cisco:catos:6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D9D9464-757E-4723-A475-838DCB069FBB"}, {"criteria": "cpe:2.3:o:cisco:catos:6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBAB91B7-D94C-484C-8153-2345FB8991CA"}, {"criteria": "cpe:2.3:o:cisco:catos:6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64B40395-B525-4471-8FE1-FB1D7BBD99EF"}, {"criteria": "cpe:2.3:o:cisco:catos:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "904FC5E4-6BE0-4B15-8283-26F92922B78E"}, {"criteria": "cpe:2.3:o:cisco:catos:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCBC242B-1D34-4CAB-A96D-7B30DD83678B"}, {"criteria": "cpe:2.3:o:cisco:catos:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC67FF4D-ED26-44B7-8AB9-26F0BB2946BF"}, {"criteria": "cpe:2.3:o:cisco:catos:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A7B5E1E-5698-4F69-AB53-C9F6339758C9"}, {"criteria": "cpe:2.3:o:cisco:catos:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A01B4160-AC81-4C2D-B34A-C46EC2C610E7"}, {"criteria": "cpe:2.3:o:cisco:catos:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D726FE1E-26C9-41F2-AF59-8F8248449DE1"}, {"criteria": "cpe:2.3:o:cisco:catos:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CCED76E-89CA-46E3-A285-2FB907780A66"}, {"criteria": "cpe:2.3:o:cisco:catos:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75165FB6-B193-4DC9-A2FF-20F553111A1F"}, {"criteria": "cpe:2.3:o:cisco:catos:8.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34A3A284-36A9-4E8C-815D-6E2FE4C158DF"}, {"criteria": "cpe:2.3:o:cisco:catos:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "840F1B27-22E4-47C3-A4D9-5E43D5153CAC"}, {"criteria": "cpe:2.3:o:cisco:catos:8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C58A9E7-C119-4DC5-94E4-1701077330EF"}, {"criteria": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95"}, {"criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3ja:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D73E5138-016A-48EC-A367-3D3285AAFED2"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3jea:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C114F1A6-5DFE-408F-B83A-E8B9D4AF9791"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3jeb:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CD5C082-9730-466D-A4A8-E4EEE5F3730D"}, {"criteria": "cpe:2.3:o:cisco:ios:12.3jec:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CF419BD-8474-4F33-9CDD-587E341ABA8D"}, {"criteria": "cpe:2.3:o:cisco:ios:12.4ja:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EB2B390-A39F-4082-BBCB-712BDD95886D"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}