VAR-200109-0061
Vulnerability from variot - Updated: 2025-04-03 22:14Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. There is a denial-of-service vulnerability in several specific but common configurations of Cisco IOS. IOS is the firmware designed for Cisco routers. IOS is a router specific firmware designed to allow networkers the ability to configure and control Cisco routers. A problem in IOS can allow remote users to crash Cisco routers. This problem makes it possible for a remote user to crash Cisco routers using BGP, and deny service to legitimate users
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200109-0061",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios",
"scope": "eq",
"trust": 2.7,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 2.7,
"vendor": "cisco",
"version": "11.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 2.7,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "ios",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "12.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 w5",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xj",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xe",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0w5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0dc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3wa4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3na",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3ha",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3db",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3da",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.3aa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2p",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2gs",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2f",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2bc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 xaf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 11.2 xa",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1(8)"
},
{
"model": "ios 12.1 dc",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 da1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.1 db1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios 12.0xw",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0xv"
},
{
"model": "ios 12.0xu",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xs",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xr",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xq",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xp",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xn",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xm",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xl",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0xk",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 t",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "12.0(17)"
},
{
"model": "ios 12.0 s3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "11.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#106392"
},
{
"db": "BID",
"id": "2733"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000065"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-086"
},
{
"db": "NVD",
"id": "CVE-2001-0650"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2001-000065"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was announced iva Bugtraq in a Cisco Security Advisory on May 10, 2001.",
"sources": [
{
"db": "BID",
"id": "2733"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-086"
}
],
"trust": 0.9
},
"cve": "CVE-2001-0650",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2001-0650",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-3460",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-0650",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#106392",
"trust": 0.8,
"value": "21.55"
},
{
"author": "NVD",
"id": "CVE-2001-0650",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200109-086",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-3460",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#106392"
},
{
"db": "VULHUB",
"id": "VHN-3460"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000065"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-086"
},
{
"db": "NVD",
"id": "CVE-2001-0650"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. There is a denial-of-service vulnerability in several specific but common configurations of Cisco IOS. IOS is the firmware designed for Cisco routers. IOS is a router specific firmware designed to allow networkers the ability to configure and control Cisco routers. \nA problem in IOS can allow remote users to crash Cisco routers. \nThis problem makes it possible for a remote user to crash Cisco routers using BGP, and deny service to legitimate users",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0650"
},
{
"db": "CERT/CC",
"id": "VU#106392"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000065"
},
{
"db": "BID",
"id": "2733"
},
{
"db": "VULHUB",
"id": "VHN-3460"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "2733",
"trust": 3.6
},
{
"db": "CERT/CC",
"id": "VU#106392",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2001-0650",
"trust": 2.5
},
{
"db": "OSVDB",
"id": "1830",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000065",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200109-086",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20010510 CISCO IOS BGP ATTRIBUTE CORRUPTION VULNERABILITY",
"trust": 0.6
},
{
"db": "CIAC",
"id": "L-082",
"trust": 0.6
},
{
"db": "XF",
"id": "6566",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-3460",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#106392"
},
{
"db": "VULHUB",
"id": "VHN-3460"
},
{
"db": "BID",
"id": "2733"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000065"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-086"
},
{
"db": "NVD",
"id": "CVE-2001-0650"
}
]
},
"id": "VAR-200109-0061",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-3460"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:14:15.425000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.cisco.com/jp/index.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2001-000065"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-0650"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.securityfocus.com/bid/2733"
},
{
"trust": 2.8,
"url": "http://www.cisco.com/warp/public/707/ios-bgp-attr-corruption-pub.shtml"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/106392"
},
{
"trust": 1.7,
"url": "http://ciac.llnl.gov/ciac/bulletins/l-082.shtml"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/1830"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6566"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c/ipcprt2/1cdbgp.htm#xtocid124918"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c/ipcprt2/1cdbgp.htm#xtocid124934"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2001-0650"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2001-0650"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/static/6566.php"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#106392"
},
{
"db": "VULHUB",
"id": "VHN-3460"
},
{
"db": "BID",
"id": "2733"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000065"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-086"
},
{
"db": "NVD",
"id": "CVE-2001-0650"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#106392"
},
{
"db": "VULHUB",
"id": "VHN-3460"
},
{
"db": "BID",
"id": "2733"
},
{
"db": "JVNDB",
"id": "JVNDB-2001-000065"
},
{
"db": "CNNVD",
"id": "CNNVD-200109-086"
},
{
"db": "NVD",
"id": "CVE-2001-0650"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-05-10T00:00:00",
"db": "CERT/CC",
"id": "VU#106392"
},
{
"date": "2001-09-20T00:00:00",
"db": "VULHUB",
"id": "VHN-3460"
},
{
"date": "2001-05-10T00:00:00",
"db": "BID",
"id": "2733"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2001-000065"
},
{
"date": "2001-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200109-086"
},
{
"date": "2001-09-20T04:00:00",
"db": "NVD",
"id": "CVE-2001-0650"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-09T00:00:00",
"db": "CERT/CC",
"id": "VU#106392"
},
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-3460"
},
{
"date": "2001-05-10T00:00:00",
"db": "BID",
"id": "2733"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2001-000065"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200109-086"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-0650"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200109-086"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS vulnerable to DoS via unrecognized transitive attribute in BGP UPDATE",
"sources": [
{
"db": "CERT/CC",
"id": "VU#106392"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200109-086"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…