Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.3
CVSSv2

CVE-2013-1241

Published: 08/05/2013 Updated: 08/05/2013
CVSS v2 Base Score: 6.3 | Impact Score: 6.9 | Exploitability Score: 6.8
VMScore: 561
Vector: AV:N/AC:M/Au:S/C:N/I:N/A:C
Subscribe to Ios

Vulnerability Summary

A vulnerability in authentication header packets processing on the Cisco ISM module for ISR G2 could allow an authenticated, remote malicious user to cause a reload of the affected module. The vulnerability is due to improper processing of malformed authentication header packets. An attacker could exploit this vulnerability by sending a stream of malformed authentication header packets over an established IPsec security association. An exploit could allow the malicious user to cause a reload of the affected module, resulting in a denial of service (DoS) condition for IPsec traffic. Cisco has confirmed the vulnerability in a security notice and software updates are available. To exploit this vulnerability, the attacker must authenticate to a targeted system to send malformed authentication header packets. This access requirement limits the possibility of a successful exploit. Customers are advised to review the bug reports in the "Vendor Announcements" section for a current list of affected versions. Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco ios -

cisco 3945e_integrated_services_router -

cisco 3925_integrated_services_router -

cisco 3925e_integrated_services_router -

cisco 2951_integrated_services_router -

cisco 887_integrated_services_router -

cisco 886va-w_integrated_services_router -

cisco 886va_integrated_services_router -

cisco 886_integrated_services_router -

cisco c881w_integrated_services_router -

cisco 2911_integrated_services_router -

cisco 1941_integrated_services_router -

cisco 888_integrated_services_router -

cisco 887va_integrated_services_router -

cisco 881_integrated_services_router -

cisco 867_integrated_services_router -

cisco 1941w_integrated_services_router -

cisco 1921_integrated_services_router -

cisco 892_integrated_services_router -

cisco 891_integrated_services_router -

cisco 3945_integrated_services_router -

cisco 2921_integrated_services_router -

cisco 2901_integrated_services_router -

cisco 887va-w_integrated_services_router -

cisco 887v_integrated_services_router -

cisco 880_3g_integrated_services_router -

cisco 861_integrated_services_router -

Vendor Advisories

Cisco: Cisco ISM Malformed Authentication Header Packet Denial of Service Vulnerability
A vulnerability in authentication header packets processing on the Cisco ISM module for ISR G2 could allow an authenticated, remote attacker to cause a reload of the affected module The vulnerability is due to improper processing of malformed authentication header packets An attacker could exploit this vulnerability by sending a stream of malfor ...

References

CWE-287http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1241https://nvd.nist.govhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20130507-CVE-2013-1241
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook