CVE-2011-3280

7.5 HIGH

Published: October 03, 2011 Modified: April 29, 2026

Description

Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=24120

Source: psirt@cisco.com

Vendor Advisory

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4d.shtml

Source: psirt@cisco.com

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=24120

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4d.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

4 reference(s) from NVD

Quick Stats

CVSS v3 Score

7.5 / 10.0

EPSS (Exploit Probability)

0.5%

64th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-399

Affected Vendors

cisco

Related CVEs

CVE-2026-7779 4.3

CVE-2026-42238 N/A

CVE-2026-42223 6.5

CVE-2026-42222 8.1

CVE-2026-42221 8.1