ID

VAR-201311-0378


CVE

CVE-2013-6706


TITLE

Denial-of-service (DoS) vulnerability in the Cisco Express Forwarding processing module of Cisco IOS XE

Trust: 0.8

sources: JVNDB: JVNDB-2013-005325

DESCRIPTION

The Cisco Express Forwarding processing module in Cisco IOS XE allows remote attackers to cause a denial of service (device reload) via crafted MPLS packets that are not properly handled during IP header validation, aka Bug ID CSCuj23992. Cisco IOS is the internetwork operating system used on most Cisco routers and network switches. The module contains an error in its handling of the IP header in MPLS packets. When certain additional features are configured ("ip cef accounting" and "tcp adjust-mss"), an attacker can trigger this vulnerability by sending MPLS IP packets that enter and leave the device, which can overload the device and cause a denial of service. Cisco IOS XE is prone to a remote denial-of-service vulnerability. This issue is being tracked by Cisco Bug ID CSCuj23992.

Trust: 2.52

sources: NVD: CVE-2013-6706 // JVNDB: JVNDB-2013-005325 // CNVD: CNVD-2013-14810 // BID: 63979 // VULHUB: VHN-66708

IOT TAXONOMY

category: ['Network device'] // sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-14810

AFFECTED PRODUCTS

vendor: cisco // model: ios xe // scope: eq // version: -

Trust: 1.6

vendor: cisco // model: ios xe // scope: lte // version: 3.9s(.1)

Trust: 0.8

vendor: cisco // model: ios xe software // scope: - // version: -

Trust: 0.6

sources: CNVD: CNVD-2013-14810 // JVNDB: JVNDB-2013-005325 // CNNVD: CNNVD-201311-473 // NVD: CVE-2013-6706

CVSS

SEVERITY // CVSSV2 // CVSSV3

nvd@nist.gov: CVE-2013-6706
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-6706
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2013-14810
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201311-473
value: MEDIUM

Trust: 0.6

VULHUB: VHN-66708
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-6706
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2013-14810
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-66708
severity: MEDIUM
baseScore: 5.4
vectorString: AV:N/AC:H/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2013-14810 // VULHUB: VHN-66708 // JVNDB: JVNDB-2013-005325 // CNNVD: CNNVD-201311-473 // NVD: CVE-2013-6706

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-66708 // JVNDB: JVNDB-2013-005325 // NVD: CVE-2013-6706

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201311-473

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201311-473

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-005325

PATCH

title: Cisco IOS XE Software IP Header Sanity Check Denial of Service Vulnerability // url: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6706

Trust: 0.8

title: 31950 // url: http://tools.cisco.com/security/center/viewAlert.x?alertId=31950

Trust: 0.8

title: Cisco IOS XE Software MPLS Packet Handling Patch for Remote Denial of Service Vulnerability // url: https://www.cnvd.org.cn/patchInfo/show/41393

Trust: 0.6

sources: CNVD: CNVD-2013-14810 // JVNDB: JVNDB-2013-005325

EXTERNAL IDS

db: NVD // id: CVE-2013-6706

Trust: 3.4

db: BID // id: 63979

Trust: 2.0

db: SECTRACK // id: 1029407

Trust: 1.1

db: SECUNIA // id: 55817

Trust: 1.1

db: OSVDB // id: 100394

Trust: 1.1

db: JVNDB // id: JVNDB-2013-005325

Trust: 0.8

db: CNNVD // id: CNNVD-201311-473

Trust: 0.7

db: CNVD // id: CNVD-2013-14810

Trust: 0.6

db: CISCO // id: 20131127 CISCO IOS XE SOFTWARE IP HEADER SANITY CHECK DENIAL OF SERVICE VULNERABILITY

Trust: 0.6

db: VULHUB // id: VHN-66708

Trust: 0.1

sources: CNVD: CNVD-2013-14810 // VULHUB: VHN-66708 // BID: 63979 // JVNDB: JVNDB-2013-005325 // CNNVD: CNNVD-201311-473 // NVD: CVE-2013-6706

REFERENCES

url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-6706

Trust: 2.3

url:http://www.securityfocus.com/bid/63979

Trust: 1.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=31950

Trust: 1.1

url:http://osvdb.org/100394

Trust: 1.1

url:http://www.securitytracker.com/id/1029407

Trust: 1.1

url:http://secunia.com/advisories/55817

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6706

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6706

Trust: 0.8

url:http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fetchbugdetails&bugid=cscuj23992

Trust: 0.6

sources: CNVD: CNVD-2013-14810 // VULHUB: VHN-66708 // JVNDB: JVNDB-2013-005325 // CNNVD: CNNVD-201311-473 // NVD: CVE-2013-6706

CREDITS

Cisco

Trust: 0.3

sources: BID: 63979

SOURCES

db: CNVD // id: CNVD-2013-14810
db: VULHUB // id: VHN-66708
db: BID // id: 63979
db: JVNDB // id: JVNDB-2013-005325
db: CNNVD // id: CNNVD-201311-473
db: NVD // id: CVE-2013-6706

LAST UPDATE DATE

2024-11-23T23:09:55.343000+00:00


SOURCES UPDATE DATE

db: CNVD // id: CNVD-2013-14810 // date: 2013-12-02T00:00:00
db: VULHUB // id: VHN-66708 // date: 2016-11-02T00:00:00
db: BID // id: 63979 // date: 2013-12-10T00:57:00
db: JVNDB // id: JVNDB-2013-005325 // date: 2013-12-26T00:00:00
db: CNNVD // id: CNNVD-201311-473 // date: 2013-12-06T00:00:00
db: NVD // id: CVE-2013-6706 // date: 2024-11-21T01:59:35.327

SOURCES RELEASE DATE

db: CNVD // id: CNVD-2013-14810 // date: 2013-12-02T00:00:00
db: VULHUB // id: VHN-66708 // date: 2013-11-29T00:00:00
db: BID // id: 63979 // date: 2013-11-27T00:00:00
db: JVNDB // id: JVNDB-2013-005325 // date: 2013-12-02T00:00:00
db: CNNVD // id: CNNVD-201311-473 // date: 2013-11-29T00:00:00
db: NVD // id: CVE-2013-6706 // date: 2013-11-29T04:33:29.137