CVE-2013-2779

Published Apr 11, 2013

Last updated 3 years ago

Overview

Description: Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-20

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0as:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B45225F2-C9EB-493D-B845-64BFB8DBB89B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "252377A3-7F15-45F2-A169-BBC37858D4DA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.1s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02E8F96A-EA9C-4E66-8491-9B2A3A4023F5"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.2s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85908754-8426-49D3-BCC2-AF174B5D0EF8"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.3s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F5BA973-D59A-4CB9-BC35-089F88737425"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.4s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E6E83FC-CFAE-45EA-9F20-830FC5E97399"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.xs:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7D36DA8-0CBC-424F-80FB-A59839C49FE0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.5.0s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5872A42F-745E-4EC6-8679-C28F79F6621C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.5.1s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86947E54-A1B9-4ECE-92A6-417462249612"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.5.2s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C910BE7C-517F-4E41-8433-1858F700AA22"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.5.xs:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A862D914-CE60-48A9-9D52-299642BE3FF6"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.0s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EB5A06F-59B5-43A1-8D06-1B6BA08630A1"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.1s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB5F6C44-DB9D-41FD-AD8D-AF45258772DD"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.2s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D9E07C9-4C98-48A3-ACF9-1C6FE834D19C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E979597C-E614-45E9-9AC4-66DE323221BF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1002_fixed_router:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EAE214D-8DD8-4DA3-872A-609E7CE6E606"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1023_router:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "399C03D1-C4B2-4DE6-9772-EC0BD88D7FCF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References