Cisco put up a totally bogus 10.0 CVE just for this reason, too