Search criteria
44 vulnerabilities found for asr_1002-x by cisco
CVE-2021-1620 (GCVE-0-2021-1620)
Vulnerability from cvelistv5 ā Published: 2021-09-23 02:31 ā Updated: 2024-11-07 21:51
VLAI?
Summary
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the code does not release the allocated IP address under certain failure conditions. An attacker could exploit this vulnerability by trying to connect to the device with a non-AnyConnect client. A successful exploit could allow the attacker to exhaust the IP addresses from the assigned local pool, which prevents users from logging in and leads to a denial of service (DoS) condition.
Severity ?
7.7 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210922 Cisco IOS and IOS XE Software IKEv2 AutoReconnect Feature Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev2-ebFrwMPr"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1620",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:40:25.956619Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:51:30.491Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the code does not release the allocated IP address under certain failure conditions. An attacker could exploit this vulnerability by trying to connect to the device with a non-AnyConnect client. A successful exploit could allow the attacker to exhaust the IP addresses from the assigned local pool, which prevents users from logging in and leads to a denial of service (DoS) condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-563",
"description": "CWE-563",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T02:31:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210922 Cisco IOS and IOS XE Software IKEv2 AutoReconnect Feature Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev2-ebFrwMPr"
}
],
"source": {
"advisory": "cisco-sa-ikev2-ebFrwMPr",
"defect": [
[
"CSCvw25564"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS and IOS XE Software IKEv2 AutoReconnect Feature Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-09-22T16:00:00",
"ID": "CVE-2021-1620",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS and IOS XE Software IKEv2 AutoReconnect Feature Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the code does not release the allocated IP address under certain failure conditions. An attacker could exploit this vulnerability by trying to connect to the device with a non-AnyConnect client. A successful exploit could allow the attacker to exhaust the IP addresses from the assigned local pool, which prevents users from logging in and leads to a denial of service (DoS) condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.7",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-563"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210922 Cisco IOS and IOS XE Software IKEv2 AutoReconnect Feature Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev2-ebFrwMPr"
}
]
},
"source": {
"advisory": "cisco-sa-ikev2-ebFrwMPr",
"defect": [
[
"CSCvw25564"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1620",
"datePublished": "2021-09-23T02:31:01.213819Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T21:51:30.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3284 (GCVE-0-2014-3284)
Vulnerability from cvelistv5 ā Published: 2014-05-25 22:00 ā Updated: 2024-08-06 10:35
VLAI?
Summary
Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:57.104Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1030283",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030283"
},
{
"name": "67603",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67603"
},
{
"name": "58405",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58405"
},
{
"name": "20140523 Cisco IOS XE Software PPPoE Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3284"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34346"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-06-09T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1030283",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030283"
},
{
"name": "67603",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67603"
},
{
"name": "58405",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58405"
},
{
"name": "20140523 Cisco IOS XE Software PPPoE Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3284"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34346"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-3284",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030283",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030283"
},
{
"name": "67603",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67603"
},
{
"name": "58405",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58405"
},
{
"name": "20140523 Cisco IOS XE Software PPPoE Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3284"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34346",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34346"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-3284",
"datePublished": "2014-05-25T22:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:35:57.104Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2183 (GCVE-0-2014-2183)
Vulnerability from cvelistv5 ā Published: 2014-04-29 10:00 ā Updated: 2024-08-06 10:06
VLAI?
Summary
The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:06:00.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140428 Cisco IOS XE Software Malformed L2TP Packet Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2183"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33971"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-29T05:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20140428 Cisco IOS XE Software Malformed L2TP Packet Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2183"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33971"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140428 Cisco IOS XE Software Malformed L2TP Packet Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2183"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33971",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33971"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-2183",
"datePublished": "2014-04-29T10:00:00",
"dateReserved": "2014-02-25T00:00:00",
"dateUpdated": "2024-08-06T10:06:00.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5723 (GCVE-0-2012-5723)
Vulnerability from cvelistv5 ā Published: 2014-04-24 10:00 ā Updated: 2024-08-06 21:14
VLAI?
Summary
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:14:16.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cisco.com/c/en/us/td/docs/routers/asr1000/release/notes/asr1k_rn_rel_notes/asr1k_caveats_38s.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-24T04:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cisco.com/c/en/us/td/docs/routers/asr1000/release/notes/asr1k_rn_rel_notes/asr1k_caveats_38s.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-5723",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cisco.com/c/en/us/td/docs/routers/asr1000/release/notes/asr1k_rn_rel_notes/asr1k_caveats_38s.html",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/c/en/us/td/docs/routers/asr1000/release/notes/asr1k_rn_rel_notes/asr1k_caveats_38s.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-5723",
"datePublished": "2014-04-24T10:00:00",
"dateReserved": "2012-11-02T00:00:00",
"dateUpdated": "2024-08-06T21:14:16.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5017 (GCVE-0-2012-5017)
Vulnerability from cvelistv5 ā Published: 2014-04-23 10:00 ā Updated: 2024-08-06 20:50
VLAI?
Summary
Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:50:18.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-23T06:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-5017",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-5017",
"datePublished": "2014-04-23T10:00:00",
"dateReserved": "2012-09-21T00:00:00",
"dateUpdated": "2024-08-06T20:50:18.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1366 (GCVE-0-2012-1366)
Vulnerability from cvelistv5 ā Published: 2014-04-23 10:00 ā Updated: 2024-08-06 18:53
VLAI?
Summary
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-23T06:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-1366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-1366",
"datePublished": "2014-04-23T10:00:00",
"dateReserved": "2012-02-27T00:00:00",
"dateUpdated": "2024-08-06T18:53:37.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5546 (GCVE-0-2013-5546)
Vulnerability from cvelistv5 ā Published: 2013-10-31 21:00 ā Updated: 2024-09-17 03:27
VLAI?
Summary
The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via large TCP packets that are processed by the (1) NAT or (2) ALG component, aka Bug ID CSCud72509.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:20.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via large TCP packets that are processed by the (1) NAT or (2) ALG component, aka Bug ID CSCud72509."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-31T21:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-5546",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via large TCP packets that are processed by the (1) NAT or (2) ALG component, aka Bug ID CSCud72509."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-5546",
"datePublished": "2013-10-31T21:00:00Z",
"dateReserved": "2013-08-22T00:00:00Z",
"dateUpdated": "2024-09-17T03:27:22.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5543 (GCVE-0-2013-5543)
Vulnerability from cvelistv5 ā Published: 2013-10-31 21:00 ā Updated: 2024-09-16 22:30
VLAI?
Summary
Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug ID CSCtt26470.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:21.079Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug ID CSCtt26470."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-31T21:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-5543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug ID CSCtt26470."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-5543",
"datePublished": "2013-10-31T21:00:00Z",
"dateReserved": "2013-08-22T00:00:00Z",
"dateUpdated": "2024-09-16T22:30:30.396Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5545 (GCVE-0-2013-5545)
Vulnerability from cvelistv5 ā Published: 2013-10-31 21:00 ā Updated: 2024-09-17 04:25
VLAI?
Summary
The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:20.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-31T21:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-5545",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-5545",
"datePublished": "2013-10-31T21:00:00Z",
"dateReserved": "2013-08-22T00:00:00Z",
"dateUpdated": "2024-09-17T04:25:33.115Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5547 (GCVE-0-2013-5547)
Vulnerability from cvelistv5 ā Published: 2013-10-31 21:00 ā Updated: 2024-09-16 19:50
VLAI?
Summary
Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending malformed EoGRE packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuf08269.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:20.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending malformed EoGRE packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuf08269."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-31T21:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-5547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending malformed EoGRE packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuf08269."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-5547",
"datePublished": "2013-10-31T21:00:00Z",
"dateReserved": "2013-08-22T00:00:00Z",
"dateUpdated": "2024-09-16T19:50:44.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1620 (GCVE-0-2021-1620)
Vulnerability from nvd ā Published: 2021-09-23 02:31 ā Updated: 2024-11-07 21:51
VLAI?
Summary
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the code does not release the allocated IP address under certain failure conditions. An attacker could exploit this vulnerability by trying to connect to the device with a non-AnyConnect client. A successful exploit could allow the attacker to exhaust the IP addresses from the assigned local pool, which prevents users from logging in and leads to a denial of service (DoS) condition.
Severity ?
7.7 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210922 Cisco IOS and IOS XE Software IKEv2 AutoReconnect Feature Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev2-ebFrwMPr"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1620",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:40:25.956619Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:51:30.491Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the code does not release the allocated IP address under certain failure conditions. An attacker could exploit this vulnerability by trying to connect to the device with a non-AnyConnect client. A successful exploit could allow the attacker to exhaust the IP addresses from the assigned local pool, which prevents users from logging in and leads to a denial of service (DoS) condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-563",
"description": "CWE-563",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T02:31:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210922 Cisco IOS and IOS XE Software IKEv2 AutoReconnect Feature Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev2-ebFrwMPr"
}
],
"source": {
"advisory": "cisco-sa-ikev2-ebFrwMPr",
"defect": [
[
"CSCvw25564"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS and IOS XE Software IKEv2 AutoReconnect Feature Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-09-22T16:00:00",
"ID": "CVE-2021-1620",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS and IOS XE Software IKEv2 AutoReconnect Feature Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the code does not release the allocated IP address under certain failure conditions. An attacker could exploit this vulnerability by trying to connect to the device with a non-AnyConnect client. A successful exploit could allow the attacker to exhaust the IP addresses from the assigned local pool, which prevents users from logging in and leads to a denial of service (DoS) condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.7",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-563"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210922 Cisco IOS and IOS XE Software IKEv2 AutoReconnect Feature Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ikev2-ebFrwMPr"
}
]
},
"source": {
"advisory": "cisco-sa-ikev2-ebFrwMPr",
"defect": [
[
"CSCvw25564"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1620",
"datePublished": "2021-09-23T02:31:01.213819Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T21:51:30.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3284 (GCVE-0-2014-3284)
Vulnerability from nvd ā Published: 2014-05-25 22:00 ā Updated: 2024-08-06 10:35
VLAI?
Summary
Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:57.104Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1030283",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030283"
},
{
"name": "67603",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67603"
},
{
"name": "58405",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58405"
},
{
"name": "20140523 Cisco IOS XE Software PPPoE Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3284"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34346"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-06-09T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1030283",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030283"
},
{
"name": "67603",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67603"
},
{
"name": "58405",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58405"
},
{
"name": "20140523 Cisco IOS XE Software PPPoE Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3284"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34346"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-3284",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030283",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030283"
},
{
"name": "67603",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67603"
},
{
"name": "58405",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58405"
},
{
"name": "20140523 Cisco IOS XE Software PPPoE Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3284"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34346",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34346"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-3284",
"datePublished": "2014-05-25T22:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:35:57.104Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2183 (GCVE-0-2014-2183)
Vulnerability from nvd ā Published: 2014-04-29 10:00 ā Updated: 2024-08-06 10:06
VLAI?
Summary
The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:06:00.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140428 Cisco IOS XE Software Malformed L2TP Packet Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2183"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33971"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-29T05:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20140428 Cisco IOS XE Software Malformed L2TP Packet Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2183"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33971"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140428 Cisco IOS XE Software Malformed L2TP Packet Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2183"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33971",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33971"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-2183",
"datePublished": "2014-04-29T10:00:00",
"dateReserved": "2014-02-25T00:00:00",
"dateUpdated": "2024-08-06T10:06:00.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5723 (GCVE-0-2012-5723)
Vulnerability from nvd ā Published: 2014-04-24 10:00 ā Updated: 2024-08-06 21:14
VLAI?
Summary
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:14:16.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cisco.com/c/en/us/td/docs/routers/asr1000/release/notes/asr1k_rn_rel_notes/asr1k_caveats_38s.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-24T04:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cisco.com/c/en/us/td/docs/routers/asr1000/release/notes/asr1k_rn_rel_notes/asr1k_caveats_38s.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-5723",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cisco.com/c/en/us/td/docs/routers/asr1000/release/notes/asr1k_rn_rel_notes/asr1k_caveats_38s.html",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/c/en/us/td/docs/routers/asr1000/release/notes/asr1k_rn_rel_notes/asr1k_caveats_38s.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-5723",
"datePublished": "2014-04-24T10:00:00",
"dateReserved": "2012-11-02T00:00:00",
"dateUpdated": "2024-08-06T21:14:16.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5017 (GCVE-0-2012-5017)
Vulnerability from nvd ā Published: 2014-04-23 10:00 ā Updated: 2024-08-06 20:50
VLAI?
Summary
Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:50:18.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-23T06:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-5017",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-5017",
"datePublished": "2014-04-23T10:00:00",
"dateReserved": "2012-09-21T00:00:00",
"dateUpdated": "2024-08-06T20:50:18.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1366 (GCVE-0-2012-1366)
Vulnerability from nvd ā Published: 2014-04-23 10:00 ā Updated: 2024-08-06 18:53
VLAI?
Summary
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-23T06:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-1366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-1366",
"datePublished": "2014-04-23T10:00:00",
"dateReserved": "2012-02-27T00:00:00",
"dateUpdated": "2024-08-06T18:53:37.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5546 (GCVE-0-2013-5546)
Vulnerability from nvd ā Published: 2013-10-31 21:00 ā Updated: 2024-09-17 03:27
VLAI?
Summary
The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via large TCP packets that are processed by the (1) NAT or (2) ALG component, aka Bug ID CSCud72509.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:20.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via large TCP packets that are processed by the (1) NAT or (2) ALG component, aka Bug ID CSCud72509."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-31T21:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-5546",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via large TCP packets that are processed by the (1) NAT or (2) ALG component, aka Bug ID CSCud72509."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-5546",
"datePublished": "2013-10-31T21:00:00Z",
"dateReserved": "2013-08-22T00:00:00Z",
"dateUpdated": "2024-09-17T03:27:22.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5543 (GCVE-0-2013-5543)
Vulnerability from nvd ā Published: 2013-10-31 21:00 ā Updated: 2024-09-16 22:30
VLAI?
Summary
Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug ID CSCtt26470.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:21.079Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug ID CSCtt26470."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-31T21:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-5543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug ID CSCtt26470."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-5543",
"datePublished": "2013-10-31T21:00:00Z",
"dateReserved": "2013-08-22T00:00:00Z",
"dateUpdated": "2024-09-16T22:30:30.396Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5545 (GCVE-0-2013-5545)
Vulnerability from nvd ā Published: 2013-10-31 21:00 ā Updated: 2024-09-17 04:25
VLAI?
Summary
The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:20.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-31T21:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-5545",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-5545",
"datePublished": "2013-10-31T21:00:00Z",
"dateReserved": "2013-08-22T00:00:00Z",
"dateUpdated": "2024-09-17T04:25:33.115Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5547 (GCVE-0-2013-5547)
Vulnerability from nvd ā Published: 2013-10-31 21:00 ā Updated: 2024-09-16 19:50
VLAI?
Summary
Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending malformed EoGRE packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuf08269.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:20.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending malformed EoGRE packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuf08269."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-31T21:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-5547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending malformed EoGRE packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuf08269."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-5547",
"datePublished": "2013-10-31T21:00:00Z",
"dateReserved": "2013-08-22T00:00:00Z",
"dateUpdated": "2024-09-16T19:50:44.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2014-3284
Vulnerability from fkie_nvd - Published: 2014-05-25 22:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D95E8A-8F0B-44E5-B266-09E10BAAEC55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002_fixed_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAE214D-8DD8-4DA3-872A-609E7CE6E606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
"matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399C03D1-C4B2-4DE6-9772-EC0BD88D7FCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180."
},
{
"lang": "es",
"value": "Cisco IOS XE en dispositivos ASR1000, cuando terminaci\u00f3n PPPoE est\u00e1 habilitada, permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de un paquete PPPoE malformado, tambi\u00e9n conocido como Bug ID CSCuo55180."
}
],
"id": "CVE-2014-3284",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-25T22:55:02.393",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/58405"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3284"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34346"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/67603"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/58405"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/67603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030283"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-2183
Vulnerability from fkie_nvd - Published: 2014-04-29 10:37 - Updated: 2025-04-12 10:46
Severity ?
Summary
The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98C4014F-BCCA-4175-AD6C-0F9503873A2F",
"versionEndIncluding": "3.10.2s",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1A10EA18-B637-4792-A3CB-E29705893148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D9F45C-E71F-4425-A0C7-DFFEEC93C152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "26FB3B1A-FB8C-4371-A6D2-AB83ECF17F96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.10.1s1:*:*:*:*:*:*:*",
"matchCriteriaId": "1610738B-DA92-4368-868C-F8DD6C7DC0E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002_fixed_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAE214D-8DD8-4DA3-872A-609E7CE6E606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
"matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399C03D1-C4B2-4DE6-9772-EC0BD88D7FCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote authenticated users to cause a denial of service (ESP card reload) via a malformed L2TP packet, aka Bug ID CSCun09973."
},
{
"lang": "es",
"value": "El m\u00f3dulo L2TP en Cisco IOS XE 3.10S(.2) y anteriores en routers ASR 1000 permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (reinicio de tarjeta ESP) a trav\u00e9s de un paquete L2TP manipulado, tambi\u00e9n conocido como Bug ID CSCun09973."
}
],
"id": "CVE-2014-2183",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-29T10:37:04.013",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2183"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33971"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33971"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-5723
Vulnerability from fkie_nvd - Published: 2014-04-24 10:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe | * | |
| cisco | ios_xe | 3.6.0s | |
| cisco | ios_xe | 3.6.1s | |
| cisco | ios_xe | 3.6.2s | |
| cisco | ios_xe | 3.6s\(.0\) | |
| cisco | ios_xe | 3.6s\(.1\) | |
| cisco | ios_xe | 3.6s\(.2\) | |
| cisco | ios_xe | 3.7.0s | |
| cisco | ios_xe | 3.7.1s | |
| cisco | ios_xe | 3.7.2s | |
| cisco | ios_xe | 3.7s\(.0\) | |
| cisco | asr_1001 | - | |
| cisco | asr_1002 | - | |
| cisco | asr_1002-x | - | |
| cisco | asr_1002_fixed_router | - | |
| cisco | asr_1004 | - | |
| cisco | asr_1006 | - | |
| cisco | asr_1013 | - | |
| cisco | asr_1023_router | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35DDF72B-DFD7-449A-800D-45F218C3A4A6",
"versionEndIncluding": "3.7s\\(.1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB5A06F-59B5-43A1-8D06-1B6BA08630A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F6C44-DB9D-41FD-AD8D-AF45258772DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9E07C9-4C98-48A3-ACF9-1C6FE834D19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6s\\(.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2112F7EB-4C90-421C-9797-7297DC095140",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6s\\(.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74A029C5-4153-462F-86F4-83F713471D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6s\\(.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7D8EDD2E-0FEB-4296-B733-275B7ED01064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "E979597C-E614-45E9-9AC4-66DE323221BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "55E908D0-7327-42B7-81C0-FA25BF45929C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "5420E152-A00C-406C-8E27-6B7ADE4ABF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7s\\(.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "274A45E0-F556-4AFB-9050-BE99DE308206",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002_fixed_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAE214D-8DD8-4DA3-872A-609E7CE6E606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
"matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399C03D1-C4B2-4DE6-9772-EC0BD88D7FCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948."
},
{
"lang": "es",
"value": "Dispositivos Cisco ASR 1000 con software anterior a 3.8S, cuando el enrutamiento BDI est\u00e1 habilitado, permiten a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de paquetes (1) broadcast o (2) multicast ICMP manipulados con fragmentaci\u00f3n, tambi\u00e9n conocido como Bug ID CSCub55948."
}
],
"id": "CVE-2012-5723",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-24T10:55:02.320",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://www.cisco.com/c/en/us/td/docs/routers/asr1000/release/notes/asr1k_rn_rel_notes/asr1k_caveats_38s.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/c/en/us/td/docs/routers/asr1000/release/notes/asr1k_rn_rel_notes/asr1k_caveats_38s.html"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-1366
Vulnerability from fkie_nvd - Published: 2014-04-23 11:52 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios | 15.1 | |
| cisco | asr_1001 | - | |
| cisco | asr_1002 | - | |
| cisco | asr_1002-x | - | |
| cisco | asr_1002_fixed_router | - | |
| cisco | asr_1004 | - | |
| cisco | asr_1006 | - | |
| cisco | asr_1013 | - | |
| cisco | asr_1023_router | - | |
| cisco | asr_9000_rsp440_router | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB41294E-F3DF-4F1E-A4C8-E90B21A88836",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002_fixed_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAE214D-8DD8-4DA3-872A-609E7CE6E606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
"matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399C03D1-C4B2-4DE6-9772-EC0BD88D7FCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A580194-1B06-4D71-B618-345046DBA9C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544."
},
{
"lang": "es",
"value": "Cisco IOS anterior a 15.1(1)SY en dispositivos ASR 1000, cuando seguimiento Multicast Listener Discovery (MLD) est\u00e1 habilitada para IPv6, permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de paquetes MLD manipulados, tambi\u00e9n conocido como Bug ID CSCtz28544."
}
],
"id": "CVE-2012-1366",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-23T11:52:59.010",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-5017
Vulnerability from fkie_nvd - Published: 2014-04-23 11:52 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26078C06-D436-4254-BAEC-0A6D3814F1FA",
"versionEndIncluding": "15.1\\(1\\)sy",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB41294E-F3DF-4F1E-A4C8-E90B21A88836",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002_fixed_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAE214D-8DD8-4DA3-872A-609E7CE6E606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399C03D1-C4B2-4DE6-9772-EC0BD88D7FCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268."
},
{
"lang": "es",
"value": "Cisco IOS anterior a 15.1(1)SY1 permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (reinicio de dispositivo) mediante el establecimiento de una sesi\u00f3n VPN y posteriormente enviando paquetes IKEv2 malformados, tambi\u00e9n conocido como Bug ID CSCub39268."
}
],
"id": "CVE-2012-5017",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-23T11:52:59.167",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/15-1SY/release_notes.pdf"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-5546
Vulnerability from fkie_nvd - Published: 2013-10-31 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via large TCP packets that are processed by the (1) NAT or (2) ALG component, aka Bug ID CSCud72509.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "E979597C-E614-45E9-9AC4-66DE323221BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "55E908D0-7327-42B7-81C0-FA25BF45929C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "5420E152-A00C-406C-8E27-6B7ADE4ABF5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.8.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "2835C64E-808F-4A6C-B245-7A9996FAFE3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399C03D1-C4B2-4DE6-9772-EC0BD88D7FCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via large TCP packets that are processed by the (1) NAT or (2) ALG component, aka Bug ID CSCud72509."
},
{
"lang": "es",
"value": "La caracter\u00edstica de reensamblado de TCP en Cisco IOS XE 3.7 antes 3.7.3S y 3.8 antes de 3.8.1S de dispositivos ASR 1000 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga dispositivo) a trav\u00e9s de grandes paquetes TCP que son procesados ??por el componente NAT (1) o el componente de ALG (2), tambi\u00e9n conocido como Bug ID CSCud72509."
}
],
"id": "CVE-2013-5546",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-31T21:55:02.877",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-5547
Vulnerability from fkie_nvd - Published: 2013-10-31 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending malformed EoGRE packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuf08269.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "94227B25-5C86-453C-9DC8-A8201C1D1FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "10F278DC-5102-4A18-9C72-E8FEEDCC5729",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399C03D1-C4B2-4DE6-9772-EC0BD88D7FCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending malformed EoGRE packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuf08269."
},
{
"lang": "es",
"value": "Vulnerablidad en Cisco IOS XE 3.9 antes 3.9.2S en dispositivos ASR 1000 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) mediante el env\u00edo de paquetes malformados EoGRE sobre (1) IPv4 o (2) IPv6, tambi\u00e9n conocido como Bug ID CSCuf08269."
}
],
"id": "CVE-2013-5547",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-31T21:55:02.893",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-5545
Vulnerability from fkie_nvd - Published: 2013-10-31 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "94227B25-5C86-453C-9DC8-A8201C1D1FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.9.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "10F278DC-5102-4A18-9C72-E8FEEDCC5729",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399C03D1-C4B2-4DE6-9772-EC0BD88D7FCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936."
},
{
"lang": "es",
"value": "La implementaci\u00f3n PPTP ALG en Cisco IOS XE 3.9 anterior a 3.9.2S de dispositivos 1000 ASR permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga dispositivo) mediante el env\u00edo de varios paquetes PPTP sobre NAT, tambi\u00e9n conocido como Bug ID CSCuh19936."
}
],
"id": "CVE-2013-5545",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-31T21:55:02.860",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-5543
Vulnerability from fkie_nvd - Published: 2013-10-31 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug ID CSCtt26470.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0as:*:*:*:*:*:*:*",
"matchCriteriaId": "B45225F2-C9EB-493D-B845-64BFB8DBB89B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "252377A3-7F15-45F2-A169-BBC37858D4DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "02E8F96A-EA9C-4E66-8491-9B2A3A4023F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399C03D1-C4B2-4DE6-9772-EC0BD88D7FCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug ID CSCtt26470."
},
{
"lang": "es",
"value": "Vulnerabilidad en Cisco IOS XE 3.4 antes de 3.4.2S y 3,5 antes de 3.5.1S de dispositivos ASR 1000 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) a trav\u00e9s de paquetes de error ICMP malformaciones asociadas a una sesion TCP (1) o a una sesi\u00f3n UDP(2) que est\u00e1 bajo inspecci\u00f3n por el componente Firewall de Zonas (ZBFW), tambi\u00e9n conocido como Bug ID CSCtt26470."
}
],
"id": "CVE-2013-5543",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-31T21:55:02.830",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-2779
Vulnerability from fkie_nvd - Published: 2013-04-11 10:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe | 3.4.0as | |
| cisco | ios_xe | 3.4.0s | |
| cisco | ios_xe | 3.4.1s | |
| cisco | ios_xe | 3.4.2s | |
| cisco | ios_xe | 3.4.3s | |
| cisco | ios_xe | 3.4.4s | |
| cisco | ios_xe | 3.4.xs | |
| cisco | ios_xe | 3.5.0s | |
| cisco | ios_xe | 3.5.1s | |
| cisco | ios_xe | 3.5.2s | |
| cisco | ios_xe | 3.5.xs | |
| cisco | ios_xe | 3.6.0s | |
| cisco | ios_xe | 3.6.1s | |
| cisco | ios_xe | 3.6.2s | |
| cisco | ios_xe | 3.7.0s | |
| cisco | asr_1001 | - | |
| cisco | asr_1002 | - | |
| cisco | asr_1002-x | - | |
| cisco | asr_1002_fixed_router | - | |
| cisco | asr_1004 | - | |
| cisco | asr_1006 | - | |
| cisco | asr_1013 | - | |
| cisco | asr_1023_router | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0as:*:*:*:*:*:*:*",
"matchCriteriaId": "B45225F2-C9EB-493D-B845-64BFB8DBB89B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "252377A3-7F15-45F2-A169-BBC37858D4DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "02E8F96A-EA9C-4E66-8491-9B2A3A4023F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "85908754-8426-49D3-BCC2-AF174B5D0EF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5BA973-D59A-4CB9-BC35-089F88737425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "5E6E83FC-CFAE-45EA-9F20-830FC5E97399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.4.xs:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D36DA8-0CBC-424F-80FB-A59839C49FE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "5872A42F-745E-4EC6-8679-C28F79F6621C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "86947E54-A1B9-4ECE-92A6-417462249612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "C910BE7C-517F-4E41-8433-1858F700AA22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.5.xs:*:*:*:*:*:*:*",
"matchCriteriaId": "A862D914-CE60-48A9-9D52-299642BE3FF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB5A06F-59B5-43A1-8D06-1B6BA08630A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "FB5F6C44-DB9D-41FD-AD8D-AF45258772DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.6.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9E07C9-4C98-48A3-ACF9-1C6FE834D19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.7.0s:*:*:*:*:*:*:*",
"matchCriteriaId": "E979597C-E614-45E9-9AC4-66DE323221BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002_fixed_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EAE214D-8DD8-4DA3-872A-609E7CE6E606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
"matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asr_1023_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399C03D1-C4B2-4DE6-9772-EC0BD88D7FCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164."
},
{
"lang": "es",
"value": "Cisco IOS XE v3.4 anterior a v3.4.5S, y v3.5 hasta v3.7 anterior a v3.7.1S, ,en Routers de la serie 1000 Agregaci\u00f3n Servicios (ASR) no aplicar correctamente el Cisco Multicast Leaf Eliminaci\u00f3n de reciclaje (MLRE), la cual permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga de tarjeta) a trav\u00e9s fragmentado MVPN IPv6 (tambi\u00e9n conocido como MVPNv6) paquetes, ID de error alias CSCub34945, una vulnerabilidad diferente a CVE-2013-1164."
}
],
"id": "CVE-2013-2779",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-11T10:55:02.147",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}