Vulnerability Name:

CVE-2013-1243 (CCN-85785)

Assigned:2013-07-17
Published:2013-07-17
Updated:2013-10-11
Summary:The IP stack in Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software and hardware modules before 7.1(5)E4, IPS 4500 sensors before 7.1(6)E4, and IPS 4300 sensors before 7.1(5)E4 allows remote attackers to cause a denial of service (MainApp process hang) via malformed IPv4 packets, aka Bug ID CSCtx18596.
CVSS v3 Severity:7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2013-1243

Source: CCN
Type: SA54247
Cisco Intrusion Prevention System IP Packets Denial of Service Vulnerability

Source: CCN
Type: cisco-sa-20130717-ips
Multiple Vulnerabilities in Cisco Intrusion Prevention System Software

Source: CISCO
Type: Vendor Advisory
20130717 Multiple Vulnerabilities in Cisco Intrusion Prevention System Software

Source: CCN
Type: BID-61294
Cisco IPS Software CVE-2013-1243 Denial of Service Vulnerability

Source: XF
Type: UNKNOWN
cisco-ips-cve20131243-dos(85785)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cisco:asa_5500-x_series_ips_ssp_software:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:intrusion_prevention_system:*:*:*:*:*:*:*:* (Version <= 7.1)
  • OR cpe:/h:cisco:asa_5585-x:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:idsm-2:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ips_4345_sensor:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ips_4360_sensor:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ips_4510_sensor:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ips_4520_sensor:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ips_nme:-:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:cisco:intrusion_prevention_system:7.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco asa 5500-x series ips ssp software 7.1
    cisco intrusion prevention system *
    cisco asa 5585-x -
    cisco idsm-2 -
    cisco ips 4345 sensor -
    cisco ips 4360 sensor -
    cisco ips 4510 sensor -
    cisco ips 4520 sensor -
    cisco ips nme -
    cisco intrusion prevention system 7.1