Lucene search

CiscoCVE-2013-6686

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-6686

2022-10-0316:14:52

CWE-20

cisco

web.nvd.nist.gov

cisco

ios

ssl

vpn

denial of service

crafted packets

dtls

security vulnerability

nvd

cve-2013-6686

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

45.1%

JSON

The SSL VPN implementation in Cisco IOS 15.3(1)T2 and earlier allows remote authenticated users to cause a denial of service (interface queue wedge) via crafted DTLS packets in an SSL session, aka Bug IDs CSCuh97409 and CSCud90568.

Affected configurations

Nvd

Node

ciscoiosRange≤15.3

ciscoiosMatch15.0

ciscoiosMatch15.0\(1\)se

ciscoiosMatch15.1

ciscoiosMatch15.2

VendorProductVersionCPE
ciscoios*cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
ciscoios15.0cpe:2.3:o:cisco:ios:15.0:*:*:*:*:*:*:*
ciscoios15.0(1)secpe:2.3:o:cisco:ios:15.0\(1\)se:*:*:*:*:*:*:*
ciscoios15.1cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*
ciscoios15.2cpe:2.3:o:cisco:ios:15.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	*	cpe:2.3:o:cisco:ios::::::::
cisco	ios	15.0	cpe:2.3:o:cisco:ios:15.0:::::::*
cisco	ios	15.0(1)se	cpe:2.3:o:cisco:ios:15.0\(1\)se:::::::*
cisco	ios	15.1	cpe:2.3:o:cisco:ios:15.1:::::::*
cisco	ios	15.2	cpe:2.3:o:cisco:ios:15.2:::::::*

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6686

tools.cisco.com/security/center/viewAlert.x?alertId=31757

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

45.1%

JSON

Related for CVE-2013-6686