Vulnerability Name:

CVE-2008-0537 (CCN-41466)

Assigned:2008-03-26
Published:2008-03-26
Updated:2017-08-08
Summary:Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), and Route Switch Processor 720 (RSP720) for multiple Cisco products, when using Multi Protocol Label Switching (MPLS) VPN and OSPF sham-link, allows remote attackers to cause a denial of service (blocked queue, device restart, or memory leak) via unknown vectors.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:7.1 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
5.4 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C)
4.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2008-0537

Source: CCN
Type: SA29559
Cisco IOS Denial of Service Vulnerability

Source: SECUNIA
Type: Vendor Advisory
29559

Source: CCN
Type: SECTRACK ID: 1019716
Cisco IOS OSPF/MPLS VPN Bug Lets Remote Users Deny Service

Source: CCN
Type: cisco-sa-20080326-queue
Cisco Security Advisory: Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720

Source: CISCO
Type: Vendor Advisory
20080326 Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720

Source: CCN
Type: OSVDB ID: 43789
Cisco IOS OSPF / MPLS VPN Unspecified Remote DoS

Source: BID
Type: UNKNOWN
28463

Source: CCN
Type: BID-28463
Cisco IOS With OSPF, MPLS VPN, Sup32, Sup720 or RSP720 Denial of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1019716

Source: CERT
Type: US Government Resource
TA08-087B

Source: VUPEN
Type: UNKNOWN
ADV-2008-1005

Source: XF
Type: UNKNOWN
cisco-catalyst-sup-rsp-dos(41466)

Source: XF
Type: UNKNOWN
cisco-catalyst-sup-rsp-dos(41466)

Vulnerable Configuration:Configuration 1:
  • cpe:/h:cisco:7600_router:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_6500:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:me_6524_ethernet_switch:*:*:*:*:*:*:*:*
  • AND
  • cpe:/a:cisco:route_switch_processor:rsp720:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:supervisor_engine:sup32:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:supervisor_engine:sup720:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:cisco:ios:12.2sxa:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2sxb:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2sxd:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2sxe:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.2zu:*:*:*:*:*:*:*
  • AND
  • cpe:/h:cisco:catalyst:6500:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst:7600:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:me_6524_ethernet_switch:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco 7600 router *
    cisco catalyst 6500 *
    cisco me 6524 ethernet switch *
    cisco route switch processor rsp720
    cisco supervisor engine sup32
    cisco supervisor engine sup720
    cisco ios 12.2sxa
    cisco ios 12.2sxb
    cisco ios 12.2sxd
    cisco ios 12.2sxe
    cisco ios 12.2zu
    cisco catalyst 6500
    cisco catalyst 7600
    cisco me 6524 ethernet switch *