CVE-2012-3946

{"id": "CVE-2012-3946", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-04-24T10:55:02.290", "references": [{"url": "http://www.cisco.com/c/en/us/td/docs/ios/15_3s/release/notes/15_3s_rel_notes/15_3s_caveats_15_3_2s.html", "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for \"a small percentage\" of the packets, aka Bug ID CSCty73682."}, {"lang": "es", "value": "Cisco IOS anterior a 15.3(2)S permite a atacantes remotos evadir restricciones ACL de interfaz en circunstancias oportunistas mediante el env\u00edo de paquetes IPv6 en un escenario no especificado en que descargas de paquetes esperados no suceden para \"un porcentaje peque\u00f1o\" de los paquetes, tambi\u00e9n conocido como Bug ID CSCty73682."}], "lastModified": "2014-04-24T18:38:17.737", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFA52B1D-E3A2-4058-8B5C-DD862C39532B", "versionEndIncluding": "15.3"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}