Vulnerability Name:

CVE-2013-1241 (CCN-84114)

Assigned:2013-05-07
Published:2013-05-07
Updated:2013-05-08
Summary:The ISM module in Cisco IOS on ISR G2 routers does not properly handle authentication-header packets, which allows remote authenticated users to cause a denial of service (module reload) via a series of malformed packets, aka Bug ID CSCub92025.
CVSS v3 Severity:4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:6.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C)
4.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
6.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C)
4.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-287
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2013-1241

Source: CCN
Type: SA53328
Cisco ISM module for ISR G2 Authentication Header Packet Processing Denial of Service Vulnerability

Source: CCN
Type: Cisco Security Notice
Cisco ISM Malformed Authentication Header Packet Denial of Service Vulnerability

Source: CISCO
Type: Vendor Advisory
20130506 Cisco ISM Malformed Authentication Header Packet Denial of Service Vulnerability

Source: CCN
Type: BID-59774
Cisco IOS ISM Module CVE-2013-1241 Denial of Service Vulnerability

Source: XF
Type: UNKNOWN
cisco-ios-cve20131241-dos(84114)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:cisco:ios:-:*:*:*:*:*:*:*
  • AND
  • cpe:/h:cisco:1921_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:1941_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:1941w_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:2901_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:2911_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:2921_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:2951_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:3925_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:3925e_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:3945_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:3945e_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:861_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:867_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:880_3g_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:881_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:886_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:886va-w_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:886va_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:887_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:887v_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:887va-w_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:887va_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:888_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:891_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:892_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:c881w_integrated_services_router:-:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:cisco:ios:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:3945_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:3945e_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:3925_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:3925e_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:2951_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:2921_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:2911_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:2901_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:1941_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:1941w_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:1921_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:892_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:891_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:888_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:887va-w_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:887va_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:887v_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:887_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:886va-w_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:886va_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:886_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:c881w_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:881_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:880_3g_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:867_integrated_services_router:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:861_integrated_services_router:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco ios -
    cisco 1921 integrated services router -
    cisco 1941 integrated services router -
    cisco 1941w integrated services router -
    cisco 2901 integrated services router -
    cisco 2911 integrated services router -
    cisco 2921 integrated services router -
    cisco 2951 integrated services router -
    cisco 3925 integrated services router -
    cisco 3925e integrated services router -
    cisco 3945 integrated services router -
    cisco 3945e integrated services router -
    cisco 861 integrated services router -
    cisco 867 integrated services router -
    cisco 880 3g integrated services router -
    cisco 881 integrated services router -
    cisco 886 integrated services router -
    cisco 886va-w integrated services router -
    cisco 886va integrated services router -
    cisco 887 integrated services router -
    cisco 887v integrated services router -
    cisco 887va-w integrated services router -
    cisco 887va integrated services router -
    cisco 888 integrated services router -
    cisco 891 integrated services router -
    cisco 892 integrated services router -
    cisco c881w integrated services router -
    cisco ios *
    cisco 3945 integrated services router -
    cisco 3945e integrated services router -
    cisco 3925 integrated services router -
    cisco 3925e integrated services router -
    cisco 2951 integrated services router -
    cisco 2921 integrated services router -
    cisco 2911 integrated services router -
    cisco 2901 integrated services router -
    cisco 1941 integrated services router -
    cisco 1941w integrated services router -
    cisco 1921 integrated services router -
    cisco 892 integrated services router -
    cisco 891 integrated services router -
    cisco 888 integrated services router -
    cisco 887va-w integrated services router -
    cisco 887va integrated services router -
    cisco 887v integrated services router -
    cisco 887 integrated services router -
    cisco 886va-w integrated services router -
    cisco 886va integrated services router -
    cisco 886 integrated services router -
    cisco c881w integrated services router -
    cisco 881 integrated services router -
    cisco 880 3g integrated services router -
    cisco 867 integrated services router -
    cisco 861 integrated services router -