CVE-2011-4667 Information

Description

The encryption library in Cisco IOS Software 15.2(1)T 15.2(1)T1 and 15.2(2)T Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch Cisco MDS 9000 18/4-Port Multiservice Module and Cisco MDS 9000 Storage Services Node module before 5.2(6) and Cisco IOS in Cisco VPN Services Port Adaptor for Catalyst 6500 12.2(33)SXI and 12.2(33)SXJ when IP Security (aka IPSec) is used allows remote attackers to obtain unencrypted packets from encrypted sessions.

CVSS Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20120913-CVE-2011-4667 https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/release/notes/ol_14271/caveats_SXI_rebuilds.html

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

5.9