CVSS Severity (version 2.0):
Impact Subscore: 6.9
Exploitability Subscore: 10.0
CVSS Version 2 Metrics:
Access Vector: Network exploitable
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: Allows disruption of service
Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software devices are vulnerable if they are configured to listen for either targeted LDP hello messages or link LDP hello messages.
All versions of Cisco IOS Software and Cisco IOS XE Software that support MPLS are affected. Cisco IOS XR Software is affected in releases prior to 3.5.2.'