{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections that remain in the CLOSE-WAIT state, aka Bug ID CSCtg21685."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2010-09-23T18:00:00Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20100922 Cisco IOS SSL VPN Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a312.shtml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2010-2836", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections that remain in the CLOSE-WAIT state, aka Bug ID CSCtg21685."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20100922 Cisco IOS SSL VPN Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a312.shtml"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:46:48.832Z"}, "title": "CVE Program Container", "references": [{"name": "20100922 Cisco IOS SSL VPN Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a312.shtml"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2010-2836", "datePublished": "2010-09-23T18:00:00Z", "dateReserved": "2010-07-23T00:00:00Z", "dateUpdated": "2024-09-16T19:56:28.659Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*", "matchCriteriaId": "9D4D8C72-E7BB-40BF-9AE5-622794D63E09", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4gc:*:*:*:*:*:*:*", "matchCriteriaId": "89B19F2B-1D89-42FC-89A7-737D8109EB1B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4mda:*:*:*:*:*:*:*", "matchCriteriaId": "237F6EDD-AB47-4768-9C75-C0B03E23696B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4mr:*:*:*:*:*:*:*", "matchCriteriaId": "C7414D32-88A1-416E-A717-3F47B6D1BE74", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4mra:*:*:*:*:*:*:*", "matchCriteriaId": "860A1477-49B5-4356-9D83-A1A092233D55", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4sw:*:*:*:*:*:*:*", "matchCriteriaId": "370DC543-AC01-4B91-88C7-60C323E35929", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xa:*:*:*:*:*:*:*", "matchCriteriaId": "99235FFB-4439-40B2-ADBD-B08E5DBBCCB9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xb:*:*:*:*:*:*:*", "matchCriteriaId": "C1797E4E-E15C-4148-9B3D-4FF6D1D815AF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xc:*:*:*:*:*:*:*", "matchCriteriaId": "544BD924-2CBD-4130-BBD3-5AD084C85FE5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xd:*:*:*:*:*:*:*", "matchCriteriaId": "6B78181E-E1D1-4C25-85DE-CA46BBF21765", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xe:*:*:*:*:*:*:*", "matchCriteriaId": "C1F36C3D-E9A2-41A1-BE71-4D8B00D228E0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xf:*:*:*:*:*:*:*", "matchCriteriaId": "7D1CD80F-E898-41CE-8A86-28C2F48B928A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xg:*:*:*:*:*:*:*", "matchCriteriaId": "9C3C3B97-7F1E-4B87-AD44-E4230BCDAB7D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xj:*:*:*:*:*:*:*", "matchCriteriaId": "BF610051-1638-4C1B-9864-11E34EFC4DE6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xk:*:*:*:*:*:*:*", "matchCriteriaId": "78260223-50C0-48F8-9A65-AE67489E602C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xl:*:*:*:*:*:*:*", "matchCriteriaId": "18E39462-4CEE-4C29-8B60-50E05FCF3E91", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xm:*:*:*:*:*:*:*", "matchCriteriaId": "3FF16123-CCA0-4ECD-9B8C-AC1534C3F244", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xn:*:*:*:*:*:*:*", "matchCriteriaId": "CC7454AF-7610-4CD3-BD2B-95A6C3283811", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xp:*:*:*:*:*:*:*", "matchCriteriaId": "AB633E6C-025C-4B31-ABE7-8318C813376B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xt:*:*:*:*:*:*:*", "matchCriteriaId": "DFED1FFB-899D-4A48-9CCA-0B8737AE1408", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xv:*:*:*:*:*:*:*", "matchCriteriaId": "883FA166-2973-42BA-842D-28FBDBFEAC4A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xw:*:*:*:*:*:*:*", "matchCriteriaId": "4362045B-7065-4FF9-A977-B3DA7894F831", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xy:*:*:*:*:*:*:*", "matchCriteriaId": "BC27E79D-6B4B-4839-9664-DFE821C45C2E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4xz:*:*:*:*:*:*:*", "matchCriteriaId": "4963A243-74FA-43AD-9645-C9FAD527A6E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4ya:*:*:*:*:*:*:*", "matchCriteriaId": "31C6EACA-35BE-4032-93DA-5F738AEE0F4A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4yb:*:*:*:*:*:*:*", "matchCriteriaId": "E67621EA-25D8-47C2-ADEA-512E38F2FFE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4yd:*:*:*:*:*:*:*", "matchCriteriaId": "94E1421B-2B86-41B2-9288-59780E081337", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.0m:*:*:*:*:*:*:*", "matchCriteriaId": "3D03374C-7EF0-4455-839E-09CA4F2E85BC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.0xa:*:*:*:*:*:*:*", "matchCriteriaId": "EC6EF56C-032C-43F6-A979-E18BEA0E16A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.1\\(1\\)xb1:*:*:*:*:*:*:*", "matchCriteriaId": "2D30CD49-F004-4830-A33E-9FC6E423CEA4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:15.1t:*:*:*:*:*:*:*", "matchCriteriaId": "5FAFA073-B16F-475F-B68D-8FE9135AB0A4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections that remain in the CLOSE-WAIT state, aka Bug ID CSCtg21685."}, {"lang": "es", "value": "Fuga de memoria en la funcionalidad SSL VPN en Cisco IOS v12.4, v15.0, y v15.1, cuando HTTP port redirection est\u00e1 habilitado, permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) al desconectar incorrectamente sesiones SSL generando que las conexiones permanezcan en estado CLOSE-WAIT, tambi\u00e9n conocido como fallo ID CSCtg21685."}], "id": "CVE-2010-2836", "lastModified": "2010-09-24T18:12:02.890", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-09-23T19:00:13.980", "references": [{"source": "ykramarz@cisco.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a312.shtml"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}