VAR-201304-0254
Vulnerability from variot - Updated: 2024-02-13 22:42Cisco Universal Broadband (aka uBR) 10000 series routers, when an IPv4/IPv6 dual-stack modem is used, allow remote attackers to cause a denial of service (routing-engine reload) via unspecified changes to IP address assignments, aka Bug ID CSCue15313. The Cisco uBR 10000 Series is a router device from Cisco. A security vulnerability exists in the Cisco uBR 10000 that allows unauthenticated remote attackers to conduct denial of service attacks. By operating the IPv4 and IPv6 address assignments of a dual-stack modem connected to the affected device, an attacker in a neighboring network can reload the router engine in the device. Successful exploits will cause an affected device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCue15313. Successful exploitation of the vulnerability requires the program to use IPv4/IPv6 dual-track routers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201304-0254",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ubr10012",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "ubr10012 series universal broadband router",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ubr series",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "10000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-03012"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002228"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-192"
},
{
"db": "NVD",
"id": "CVE-2013-1189"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ubr10012:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1189"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "59035"
}
],
"trust": 0.3
},
"cve": "CVE-2013-1189",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.7,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 5.7,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-1189",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.7,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "CNVD-2013-03012",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 5.7,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "VHN-61191",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-1189",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-03012",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201304-192",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-61191",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2013-1189",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-03012"
},
{
"db": "VULHUB",
"id": "VHN-61191"
},
{
"db": "VULMON",
"id": "CVE-2013-1189"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002228"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-192"
},
{
"db": "NVD",
"id": "CVE-2013-1189"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Universal Broadband (aka uBR) 10000 series routers, when an IPv4/IPv6 dual-stack modem is used, allow remote attackers to cause a denial of service (routing-engine reload) via unspecified changes to IP address assignments, aka Bug ID CSCue15313. The Cisco uBR 10000 Series is a router device from Cisco. A security vulnerability exists in the Cisco uBR 10000 that allows unauthenticated remote attackers to conduct denial of service attacks. By operating the IPv4 and IPv6 address assignments of a dual-stack modem connected to the affected device, an attacker in a neighboring network can reload the router engine in the device. \nSuccessful exploits will cause an affected device to reload, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCue15313. Successful exploitation of the vulnerability requires the program to use IPv4/IPv6 dual-track routers",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1189"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002228"
},
{
"db": "CNVD",
"id": "CNVD-2013-03012"
},
{
"db": "BID",
"id": "59035"
},
{
"db": "VULHUB",
"id": "VHN-61191"
},
{
"db": "VULMON",
"id": "CVE-2013-1189"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1189",
"trust": 3.5
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002228",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201304-192",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-03012",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20130410 CISCO UBR10000 SERIES IPV4/IPV6 DUAL STACK VULNERABILITY",
"trust": 0.6
},
{
"db": "BID",
"id": "59035",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-61191",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2013-1189",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-03012"
},
{
"db": "VULHUB",
"id": "VHN-61191"
},
{
"db": "VULMON",
"id": "CVE-2013-1189"
},
{
"db": "BID",
"id": "59035"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002228"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-192"
},
{
"db": "NVD",
"id": "CVE-2013-1189"
}
]
},
"id": "VAR-201304-0254",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-03012"
},
{
"db": "VULHUB",
"id": "VHN-61191"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-03012"
}
]
},
"last_update_date": "2024-02-13T22:42:39.728000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco AnyConnect ciscod.exe Heap Overflow Vulnerability",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-1189"
},
{
"title": "28927",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=28927"
},
{
"title": "Cisco uBR 10000 Series IPv4 / IPv6 Address Assignment Operation Denial of Service Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33257"
},
{
"title": "Cisco: Cisco uBR10000 Series IPv4/IPv6 Dual Stack Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20130411-cve-2013-1189"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-03012"
},
{
"db": "VULMON",
"id": "CVE-2013-1189"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002228"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61191"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002228"
},
{
"db": "NVD",
"id": "CVE-2013-1189"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-1189"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1189"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1189"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130411-cve-2013-1189"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-03012"
},
{
"db": "VULHUB",
"id": "VHN-61191"
},
{
"db": "VULMON",
"id": "CVE-2013-1189"
},
{
"db": "BID",
"id": "59035"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002228"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-192"
},
{
"db": "NVD",
"id": "CVE-2013-1189"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-03012"
},
{
"db": "VULHUB",
"id": "VHN-61191"
},
{
"db": "VULMON",
"id": "CVE-2013-1189"
},
{
"db": "BID",
"id": "59035"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002228"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-192"
},
{
"db": "NVD",
"id": "CVE-2013-1189"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-03012"
},
{
"date": "2013-04-11T00:00:00",
"db": "VULHUB",
"id": "VHN-61191"
},
{
"date": "2013-04-11T00:00:00",
"db": "VULMON",
"id": "CVE-2013-1189"
},
{
"date": "2013-04-10T00:00:00",
"db": "BID",
"id": "59035"
},
{
"date": "2013-04-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002228"
},
{
"date": "2013-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-192"
},
{
"date": "2013-04-11T10:55:02.123000",
"db": "NVD",
"id": "CVE-2013-1189"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-03012"
},
{
"date": "2013-04-11T00:00:00",
"db": "VULHUB",
"id": "VHN-61191"
},
{
"date": "2013-04-11T00:00:00",
"db": "VULMON",
"id": "CVE-2013-1189"
},
{
"date": "2013-04-12T11:08:00",
"db": "BID",
"id": "59035"
},
{
"date": "2013-04-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002228"
},
{
"date": "2013-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-192"
},
{
"date": "2013-04-11T10:55:02.123000",
"db": "NVD",
"id": "CVE-2013-1189"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-192"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Universal broadband 10000 Service operation interruption in series routers (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002228"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-192"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…