| Vulnerability Name: | CVE-2013-1164 (CCN-83367) | ||||||||
| Assigned: | 2013-04-10 | ||||||||
| Published: | 2013-04-10 | ||||||||
| Updated: | 2021-10-05 | ||||||||
| Summary: | Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 multicast packets, aka Bug ID CSCtz97563. | ||||||||
| CVSS v3 Severity: | 7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
| ||||||||
| CVSS v2 Severity: | 7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C) 5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
5.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: MITRE Type: CNA CVE-2013-1164 Source: CCN Type: SA53011 Cisco IOS XE 1000 Series ASR Denial of Service Vulnerabilities Source: CCN Type: SA53016 Cisco IOS XE 1000 Series ASR Denial of Service Vulnerabilities Source: CCN Type: cisco-sa-20130410-asr1000 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers Source: CISCO Type: Vendor Advisory 20130410 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers Source: CCN Type: BID-59003 Cisco IOS XE IPv6 Multicast And IPv6 MVPN Traffic Remote Denial of Service Vulnerability Source: XF Type: UNKNOWN cisco-cve20131164-dos(83367) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Vulnerability Name: | CVE-2013-1164 (CCN-83372) | ||||||||
| Assigned: | 2013-04-10 | ||||||||
| Published: | 2013-04-10 | ||||||||
| Updated: | 2013-04-15 | ||||||||
| Summary: | Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 multicast packets, aka Bug ID CSCtz97563. | ||||||||
| CVSS v3 Severity: | 7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
| ||||||||
| CVSS v2 Severity: | 7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C) 5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
5.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: MITRE Type: CNA CVE-2013-1164 Source: CCN Type: SA53011 Cisco IOS XE 1000 Series ASR Denial of Service Vulnerabilities Source: CCN Type: SA53016 Cisco IOS XE 1000 Series ASR Denial of Service Vulnerabilities Source: CCN Type: cisco-sa-20130410-asr1000 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers Source: CCN Type: BID-59003 Cisco IOS XE IPv6 Multicast And IPv6 MVPN Traffic Remote Denial of Service Vulnerability Source: XF Type: UNKNOWN cisco-iosxe-cve20131164-dos(83372) | ||||||||
| BACK | |||||||||