Vulnerability Details : CVE-2007-4285
Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2007-4285
Probability of exploitation activity in the next 30 days: 2.15%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 89 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-4285
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
9.0
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:C |
10.0
|
8.5
|
NIST |
References for CVE-2007-4285
-
http://www.cisco.com/en/US/products/products_security_advisory09186a0080899647.shtml
Patch;Vendor Advisory
-
http://www.vupen.com/english/advisories/2007/2819
Vendor Advisory
-
http://www.securitytracker.com/id?1018542
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5840
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/35906
Products affected by CVE-2007-4285
- cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*