CVE-2013-6692
Published Nov 22, 2013
Last updated 11 years ago
Overview
- Description
- Cisco IOS XE 3.8S(.2) and earlier does not properly use a DHCP pool during assignment of an IP address, which allows remote authenticated users to cause a denial of service (device reload) via an AAA packet that triggers an address requirement, aka Bug ID CSCuh04949.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.3
- Impact score
- 6.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-399
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01D210A1-66FA-4534-8AD6-42B33389CD99",
"versionEndIncluding": "3.8s\\(.2\\)"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E979597C-E614-45E9-9AC4-66DE323221BF"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.1s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55E908D0-7327-42B7-81C0-FA25BF45929C"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.2s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5420E152-A00C-406C-8E27-6B7ADE4ABF5B"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.0s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2835C64E-808F-4A6C-B245-7A9996FAFE3A"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8s\\(.0\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B79934A-7B54-46F7-AD4F-C7756D647633"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8s\\(.1\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D50BF2F7-363D-434C-8F5E-0D05F93E99BF"
}
],
"operator": "OR"
}
]
}
]