Vulnerability Name: | CVE-2013-1148 (CCN-83119) | ||||||||
Assigned: | 2013-03-27 | ||||||||
Published: | 2013-03-27 | ||||||||
Updated: | 2013-03-29 | ||||||||
Summary: | The General Responder implementation in the IP Service Level Agreement (SLA) feature in Cisco IOS 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S allows remote attackers to cause a denial of service (device reload) via crafted (1) IPv4 or (2) IPv6 IP SLA packets on UDP port 1167, aka Bug ID CSCuc72594. | ||||||||
CVSS v3 Severity: | 7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
| ||||||||
CVSS v2 Severity: | 7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C) 5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
5.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-119 | ||||||||
Vulnerability Consequences: | Denial of Service | ||||||||
References: | Source: MITRE Type: CNA CVE-2013-1148 Source: CCN Type: SA52786 Cisco IOS / IOS XE IP Service Level Agreement Denial of Service Vulnerability Source: CCN Type: cisco-sa-20130327-ipsla Cisco IOS Software IP Service Level Agreement Vulnerability Source: CISCO Type: Vendor Advisory 20130327 Cisco IOS Software IP Service Level Agreement Vulnerability Source: CCN Type: BID-58739 Cisco IOS IP Service Level Agreement CVE-2013-1148 Denial of Service Vulnerability Source: XF Type: UNKNOWN ciscoios-cve20131148-dos(83119) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration 3: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
Oval Definitions | |||||||||
| |||||||||
BACK |