CVE-2013-2779

Published Apr 11, 2013

Last updated 3 months ago

CVSS info 7.8

Overview

Description: Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0as:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B45225F2-C9EB-493D-B845-64BFB8DBB89B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "252377A3-7F15-45F2-A169-BBC37858D4DA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.1s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02E8F96A-EA9C-4E66-8491-9B2A3A4023F5"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.2s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85908754-8426-49D3-BCC2-AF174B5D0EF8"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.3s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F5BA973-D59A-4CB9-BC35-089F88737425"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.4s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E6E83FC-CFAE-45EA-9F20-830FC5E97399"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.4.xs:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7D36DA8-0CBC-424F-80FB-A59839C49FE0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.5.0s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5872A42F-745E-4EC6-8679-C28F79F6621C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.5.1s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86947E54-A1B9-4ECE-92A6-417462249612"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.5.2s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C910BE7C-517F-4E41-8433-1858F700AA22"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.5.xs:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A862D914-CE60-48A9-9D52-299642BE3FF6"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.0s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EB5A06F-59B5-43A1-8D06-1B6BA08630A1"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.1s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB5F6C44-DB9D-41FD-AD8D-AF45258772DD"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.6.2s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D9E07C9-4C98-48A3-ACF9-1C6FE834D19C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E979597C-E614-45E9-9AC4-66DE323221BF"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1002_fixed_router:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EAE214D-8DD8-4DA3-872A-609E7CE6E606"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_1023_router:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "399C03D1-C4B2-4DE6-9772-EC0BD88D7FCF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References