OPERATIONAL DEFECT DATABASE
...
...
This product includes Third-party Software that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE-2012-4423 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4423 CVE-2013-1766 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1766 CVE-2013-2230 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2230 CVE-2013-4154 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4154 CVE-2013-4296 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4296 CVE-2013-4297 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4297 CVE-2013-4311 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4311 CVE-2013-4399 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4399 CVE-2013-5651 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5651 CVE-2013-6457 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6457 CVE-2013-6458 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6458 CVE-2013-7336 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7336 CVE-2014-0179 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0179 CVE-2014-1447 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1447 CVE-2014-3672 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3672 CVE-2014-7823 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7823 CVE-2014-8131 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8131 CVE-2015-0236 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0236 CVE-2016-10746 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10746 CVE-2016-5008 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5008 CVE-2018-1064 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1064 CVE-2019-10132 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10132 CVE-2019-10161 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10161 CVE-2019-20485 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20485 CVE-2019-3840 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3840 CVE-2020-10701 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10701 CVE-2020-14301 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14301 CVE-2020-25637 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25637 CVE-2021-3631 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3631 CVE-2021-3667 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3667 CVE-2021-3975 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3975 CVE-2021-4147 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4147 CVE-2022-0897 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0897 After analysis, Cisco has decided against performing additional actions on this product due to one of the following reasons: - The product is no longer maintained, having reached End of Software Maintenance. - The product is still being maintained, but a business decision was made not to upgrade the vulnerable product. - The product uses the affected third-party component in such a way as to not be affected by these vulnerabilities.
Device with default configuration.
Not available or not applicable.
Additional details about the vulnerabilities listed above can be found at https://www.cve.org/. PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 3.0 score. The Base CVSS score as of the time of evaluation is: 9.8 https://tools.cisco.com/security/center/cvssCalculator.x?version=3.0&vector=CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE ID CVE-2012-4423, CVE-2013-1766, CVE-2013-2230, CVE-2013-4154, CVE-2013-4296, CVE-2013-4297, CVE-2013-4311, CVE-2013-4399, CVE-2013-5651, CVE-2013-6457, CVE-2013-6458, CVE-2013-7336, CVE-2014-0179, CVE-2014-1447, CVE-2014-3672, CVE-2014-7823, CVE-2014-8131, CVE-2015-0236, CVE-2016-10746, CVE-2016-5008, CVE-2018-1064, CVE-2019-10132, CVE-2019-10161, CVE-2019-20485, CVE-2019-3840, CVE-2020-10701, CVE-2020-14301, CVE-2020-25637, CVE-2021-3631, CVE-2021-3667, CVE-2021-3975, CVE-2021-4147, CVE-2022-0897 have been assigned to document this issue. Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
Click on a version to see all relevant bugs
Cisco Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
