CVE-2013-1146

Published: 28/03/2013 Updated: 29/03/2013

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

The Smart Install client functionality in Cisco IOS 12.2 and 15.0 up to and including 15.3 on Catalyst switches allows remote malicious users to cause a denial of service (device reload) via crafted image list parameters in Smart Install packets, aka Bug ID CSCub55790.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios 15.0\\(1\\)se
cisco ios 12.2
cisco ios 15.2
cisco ios 15.1
cisco ios 15.0
cisco ios 15.3

The Smart Install client feature in Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device Affected devices that are configured as Smart Install clients are vulnerable Cisco has released software updates that address this vulnerability ...

In recent weeks, Cisco has published several documents related to the Smart Install feature: one Talos blog about potential misuse of the feature if left enabled, and two Cisco Security Advisories that were included in the March 2018 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication Given the heightened awareness, ...

CWE-119 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-smartinstall https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-smartinstall

CVE-2013-1146

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect