Denial of Service Vulnerability in Cisco Application Control Engine Module
CVE-2012-3919

Currently unrated

Key Information:

Vendor: Cisco
Status: Application Control Engine Module
Vendor: CVE Published:; 16 September 2012

Summary

The Cisco Application Control Engine (ACE) module 3.0 suffers from a vulnerability that arises from its inability to properly monitor Load Balancer (LB) queues. This flaw can be exploited by remote attackers through crafted application traffic, leading to incorrect memory access and forcing the module to reboot. Such attacks can disrupt services and lead to significant downtime. Users of affected Cisco Catalyst switches and routers are advised to be aware of this vulnerability and apply necessary updates to mitigate potential risks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/78808

vdb-entryx_refsource_XF

http://www.cisco.com/en/US/docs/interfaces_modules/servic...

x_refsource_CONFIRM

Timeline

Vulnerability published
Sep 16, 2012
Vulnerability Reserved
Jul 10, 2012