1. Home
  2. CVE Database
  3. CVE-2012-4660
HIGH · 7.8

CVE-2012-4660

The SIP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.2 before 8.2(5.17)...

Vulnerability Description

The SIP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.2 before 8.2(5.17), 8.3 before 8.3(2.28), 8.4 before 8.4(2.13), 8.5 before 8.5(1.4), and 8.6 before 8.6(1.5) allows remote attackers to cause a denial of service (device reload) via a crafted SIP media-update packet, aka Bug ID CSCtr63728.

CVSS Score

7.8

HIGH

AV:N/AC:L/Au:N/C:N/I:N/A:C
Confidentiality
NONE
Integrity
NONE
Availability
COMPLETE

Affected Products

VendorProductVersions
CiscoAdaptive Security Appliance Software8.2
Cisco5500 Series Adaptive Security ApplianceAll versions
CiscoCatalyst 6500All versions
CiscoCatalyst 6503-E-
CiscoCatalyst 6504-E-
CiscoCatalyst 6506-E-
CiscoCatalyst 6509-E-
CiscoCatalyst 6509-Neb-A-
CiscoCatalyst 6509-V-E-
CiscoCatalyst 6513-
CiscoCatalyst 6513-E-

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2012-4660?

CVE-2012-4660 is a vulnerability with a CVSS score of 7.8 (HIGH). The SIP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.2 before 8.2(5.17)...

How severe is CVE-2012-4660?

CVE-2012-4660 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-4660?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Adaptive Security Appliance Software, Cisco 5500 Series Adaptive Security Appliance, Cisco Catalyst 6500, Cisco Catalyst 6503-E, Cisco Catalyst 6504-E.