CVE-2013-1164

Published Apr 11, 2013

Last updated 3 years ago

Overview

Description: Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 multicast packets, aka Bug ID CSCtz97563.
Source: ykramarz@cisco.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0as:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B45225F2-C9EB-493D-B845-64BFB8DBB89B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "252377A3-7F15-45F2-A169-BBC37858D4DA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.1s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02E8F96A-EA9C-4E66-8491-9B2A3A4023F5"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.2s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85908754-8426-49D3-BCC2-AF174B5D0EF8"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.3s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F5BA973-D59A-4CB9-BC35-089F88737425"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.5.0s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5872A42F-745E-4EC6-8679-C28F79F6621C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.0s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EB5A06F-59B5-43A1-8D06-1B6BA08630A1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References