The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic engineering PATH message in an RSVP packet, aka Bug ID CSCtg39957.
2013-03-28T23:55:01.563
2025-04-11T00:51:21.963
Deferred
CVSSv2: 7.1 (HIGH)
AV:N/AC:M/Au:N/C:N/I:N/A:C
8.6
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | cisco | ios | 12.2 | Yes |
| Operating System | cisco | ios | 15.0 | Yes |
| Operating System | cisco | ios | 15.0\(1\)se | Yes |
| Operating System | cisco | ios | 15.1 | Yes |
| Operating System | cisco | ios | 15.2 | Yes |
| Operating System | cisco | ios | 15.3 | Yes |
| Operating System | cisco | ios_xe | 3.1.0s | Yes |
| Operating System | cisco | ios_xe | 3.1.1s | Yes |
| Operating System | cisco | ios_xe | 3.1.2s | Yes |
| Operating System | cisco | ios_xe | 3.1.3s | Yes |
| Operating System | cisco | ios_xe | 3.1.4s | Yes |
| Operating System | cisco | ios_xe | 3.2.0s | Yes |
| Operating System | cisco | ios_xe | 3.2.1s | Yes |
| Operating System | cisco | ios_xe | 3.2.2s | Yes |
| Operating System | cisco | ios_xe | 3.3.0s | Yes |
| Operating System | cisco | ios_xe | 3.3.1s | Yes |
| Operating System | cisco | ios_xe | 3.3.2s | Yes |
| Operating System | cisco | ios_xe | 3.3.3s | Yes |
| Operating System | cisco | ios_xe | 3.4.0s | Yes |
| Operating System | cisco | ios_xe | 3.4.1s | Yes |
| Operating System | cisco | ios_xe | 3.4.2s | Yes |
| Operating System | cisco | ios_xe | 3.4.3s | Yes |
| Operating System | cisco | ios_xe | 3.5.0s | Yes |
| Operating System | cisco | ios_xe | 3.5.1s | Yes |
| Operating System | cisco | ios_xe | 3.5.2s | Yes |