Cisco IOS XE 3.4 prior to 3.4.5S, and 3.5 up to and including 3.7 prior to 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote malicious users to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco ios xe 3.4.0as |
||
cisco ios xe 3.4.0s |
||
cisco ios xe 3.4.1s |
||
cisco ios xe 3.4.2s |
||
cisco ios xe 3.4.3s |
||
cisco ios xe 3.4.4s |
||
cisco ios xe 3.4.xs |
||
cisco ios xe 3.5.0s |
||
cisco ios xe 3.5.1s |
||
cisco ios xe 3.5.2s |
||
cisco ios xe 3.5.xs |
||
cisco ios xe 3.6.0s |
||
cisco ios xe 3.6.1s |
||
cisco ios xe 3.6.2s |
||
cisco ios xe 3.7.0s |
||
cisco asr 1001 - |
||
cisco asr 1002 - |
||
cisco asr 1002-x - |
||
cisco asr 1002 fixed router - |
||
cisco asr 1004 - |
||
cisco asr 1006 - |
||
cisco asr 1013 - |
||
cisco asr 1023 router - |
Vulmon