Vulnerability Name:

CVE-2002-2239 (CCN-10823)

Assigned:2002-12-11
Published:2002-12-11
Updated:2017-07-29
Summary:The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-20
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2002-2239

Source: CCN
Type: Cisco Systems Inc. Security Advisory, 2002 December 11 16:00 UTC
OSM Line Card Header Corruption Vulnerability

Source: CISCO
Type: Patch
20021211 OSM Line Card Header Corruption Vulnerability

Source: CCN
Type: OSVDB ID: 60095
Cisco Catalyst Switch Optical Service Module (OSM) Malformed Packet Remote DoS

Source: BID
Type: UNKNOWN
6358

Source: CCN
Type: BID-6358
Cisco OSM Line Cards Denial Of Service Vulnerability

Source: XF
Type: UNKNOWN
cisco-catalyst-osm-dos(10823)

Source: XF
Type: UNKNOWN
cisco-catalyst-osm-dos(10823)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:cisco:ios:12.1e:*:*:*:*:*:*:*
  • AND
  • cpe:/h:cisco:catalyst_6500:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:cisco:ios:12.1e:*:*:*:*:*:*:*
  • AND
  • cpe:/h:cisco:catalyst:6500:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst:7600:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco ios 12.1e
    cisco catalyst 6500 *
    cisco catalyst 7600 *
    cisco ios 12.1e
    cisco catalyst 6500
    cisco catalyst 7600