CVE-2013-5473

2013-09-2710:08:04

CWE-399

cisco

web.nvd.nist.gov

cve-2013-5473

memory leak

cisco ios

denial of service

nvd

bug id csctx66011

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.002

Percentile

53.2%

JSON

Memory leak in Cisco IOS 12.2, 15.1, and 15.2; IOS XE 3.4.2S through 3.4.5S; and IOS XE 3.6.xS before 3.6.1S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed IKEv1 packets, aka Bug ID CSCtx66011.

Affected configurations

Nvd

Node

ciscoiosMatch12.2

ciscoiosMatch15.1

ciscoiosMatch15.2

Node

ciscoios_xeMatch3.4.2s

ciscoios_xeMatch3.4.3s

ciscoios_xeMatch3.4.4s

ciscoios_xeMatch3.4.5s

ciscoios_xeMatch3.6.0s

VendorProductVersionCPE
ciscoios12.2cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*
ciscoios15.1cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*
ciscoios15.2cpe:2.3:o:cisco:ios:15.2:*:*:*:*:*:*:*
ciscoios_xe3.4.2scpe:2.3:o:cisco:ios_xe:3.4.2s:*:*:*:*:*:*:*
ciscoios_xe3.4.3scpe:2.3:o:cisco:ios_xe:3.4.3s:*:*:*:*:*:*:*
ciscoios_xe3.4.4scpe:2.3:o:cisco:ios_xe:3.4.4s:*:*:*:*:*:*:*
ciscoios_xe3.4.5scpe:2.3:o:cisco:ios_xe:3.4.5s:*:*:*:*:*:*:*
ciscoios_xe3.6.0scpe:2.3:o:cisco:ios_xe:3.6.0s:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	12.2	cpe:2.3:o:cisco:ios:12.2:::::::*
cisco	ios	15.1	cpe:2.3:o:cisco:ios:15.1:::::::*
cisco	ios	15.2	cpe:2.3:o:cisco:ios:15.2:::::::*
cisco	ios_xe	3.4.2s	cpe:2.3:o:cisco:ios_xe:3.4.2s:::::::*
cisco	ios_xe	3.4.3s	cpe:2.3:o:cisco:ios_xe:3.4.3s:::::::*
cisco	ios_xe	3.4.4s	cpe:2.3:o:cisco:ios_xe:3.4.4s:::::::*
cisco	ios_xe	3.4.5s	cpe:2.3:o:cisco:ios_xe:3.4.5s:::::::*
cisco	ios_xe	3.6.0s	cpe:2.3:o:cisco:ios_xe:3.6.0s:::::::*