Sign-up

ID

VAR-201311-0231


CVE

CVE-2013-6693


TITLE

Cisco 7600 Runs on a series router Cisco IOS of MLDP Service disruption in implementations (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-005224

DESCRIPTION

The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 routers, when many VRFs are configured, allows remote attackers to cause a denial of service (chunk corruption and device reload) by establishing many multicast flows, aka Bug ID CSCue22345. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. An attacker can exploit the vulnerability to reload the affected device. This issue is being tracked by Cisco Bug ID CSCue22345

Trust: 2.52

sources: NVD: CVE-2013-6693 // JVNDB: JVNDB-2013-005224 // CNVD: CNVD-2013-14683 // BID: 63860 // VULHUB: VHN-66695

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-14683

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:15.3s

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:15.3\(2\)s

Trust: 1.6

vendor:ciscomodel:7600 routerscope:eqversion:*

Trust: 1.0

vendor:ciscomodel:iosscope:lteversion:15.3\(3\)s

Trust: 1.0

vendor:ciscomodel:7600 seriesscope: - version: -

Trust: 0.8

vendor:ciscomodel:iosscope:lteversion:15.3(3)s

Trust: 0.8

vendor:ciscomodel:iosscope: - version: -

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:15.3\(3\)s

Trust: 0.6

sources: CNVD: CNVD-2013-14683 // JVNDB: JVNDB-2013-005224 // CNNVD: CNNVD-201311-338 // NVD: CVE-2013-6693

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-6693
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-6693
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2013-14683
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201311-338
value: MEDIUM

Trust: 0.6

VULHUB: VHN-66695
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-6693
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2013-14683
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-66695
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2013-14683 // VULHUB: VHN-66695 // JVNDB: JVNDB-2013-005224 // CNNVD: CNNVD-201311-338 // NVD: CVE-2013-6693

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-66695 // JVNDB: JVNDB-2013-005224 // NVD: CVE-2013-6693

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201311-338

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201311-338

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-005224

PATCH
title:Cisco IOS Software MLDP Denial of Service Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6693
Trust: 0.8
title:31861url:http://tools.cisco.com/security/center/viewAlert.x?alertId=31861
Trust: 0.8
title:Cisco IOS MLDP Remote Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/41261
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2013-14683 // 
            
            
            
            JVNDB: JVNDB-2013-005224

EXTERNAL IDS
db:NVDid:CVE-2013-6693
Trust: 3.4
db:BIDid:63860
Trust: 1.0
db:JVNDBid:JVNDB-2013-005224
Trust: 0.8
db:CNNVDid:CNNVD-201311-338
Trust: 0.7
db:CNVDid:CNVD-2013-14683
Trust: 0.6
db:NSFOCUSid:25365
Trust: 0.6
db:CISCOid:20131121 CISCO IOS SOFTWARE MLDP DENIAL OF SERVICE VULNERABILITY
Trust: 0.6
db:VULHUBid:VHN-66695
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2013-14683 // 
            
            
            
            VULHUB: VHN-66695 // 
            
            
            
            BID: 63860 // 
            
            
            
            JVNDB: JVNDB-2013-005224 // 
            
            
            
            CNNVD: CNNVD-201311-338 // 
            
            
            
            NVD: CVE-2013-6693

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-6693
Trust: 2.3
url:http://tools.cisco.com/security/center/viewalert.x?alertid=31861
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6693
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6693
Trust: 0.8
url:http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fetchbugdetails&bugid=cscue22345
Trust: 0.6
url:http://www.nsfocus.net/vulndb/25365
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
url:http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2013-14683 // 
            
            
            
            VULHUB: VHN-66695 // 
            
            
            
            BID: 63860 // 
            
            
            
            JVNDB: JVNDB-2013-005224 // 
            
            
            
            CNNVD: CNNVD-201311-338 // 
            
            
            
            NVD: CVE-2013-6693

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 63860

SOURCES
db:CNVDid:CNVD-2013-14683
db:VULHUBid:VHN-66695
db:BIDid:63860
db:JVNDBid:JVNDB-2013-005224
db:CNNVDid:CNNVD-201311-338
db:NVDid:CVE-2013-6693

LAST UPDATE DATE
2024-11-23T22:42:39.354000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2013-14683date:2013-11-25T00:00:00
db:VULHUBid:VHN-66695date:2013-11-22T00:00:00
db:BIDid:63860date:2013-11-22T06:37:00
db:JVNDBid:JVNDB-2013-005224date:2013-11-25T00:00:00
db:CNNVDid:CNNVD-201311-338date:2013-11-29T00:00:00
db:NVDid:CVE-2013-6693date:2024-11-21T01:59:34.007

SOURCES RELEASE DATE
db:CNVDid:CNVD-2013-14683date:2013-11-25T00:00:00
db:VULHUBid:VHN-66695date:2013-11-22T00:00:00
db:BIDid:63860date:2013-11-21T00:00:00
db:JVNDBid:JVNDB-2013-005224date:2013-11-25T00:00:00
db:CNNVDid:CNNVD-201311-338date:2013-11-29T00:00:00
db:NVDid:CVE-2013-6693date:2013-11-22T01:55:04.073