Published: 31/10/2013 Updated: 05/10/2021

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Cisco IOS XE 3.4 prior to 3.4.2S and 3.5 prior to 3.5.1S on 1000 ASR devices allows remote malicious users to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug ID CSCtt26470.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios_xe 3.4.0as
cisco ios_xe 3.4.0s
cisco ios_xe 3.4.1s
cisco asr_1006 -
cisco asr_1023_router -
cisco asr_1002-x -
cisco asr_1004 -
cisco asr_1001 -
cisco asr_1002 -

Cisco IOS XE Software for 1000 Series Aggregation Services Routers (ASR) contains the following denial of service (DoS) vulnerabilities: Cisco IOS XE Software Malformed ICMP Packet Denial of Service Vulnerability Cisco IOS XE Software PPTP Traffic Denial of Service Vulnerability Cisco IOS XE Software TCP Segment Reassembly Denial of S ...

CWE-20 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-5543

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect