| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.2 | $0-$5k | 0.00 |
Summary
A vulnerability identified as problematic has been detected in Cisco IOS XE up to 3.7. Affected is an unknown function of the component L2TP Packet Handler. This manipulation causes input validation. This vulnerability is tracked as CVE-2013-1165. No exploit exists. You should upgrade the affected component.
Details
A vulnerability classified as critical was found in Cisco IOS XE up to 3.7 (Router Operating System). Affected by this vulnerability is some unknown functionality of the component L2TP Packet Handler. The manipulation with an unknown input leads to a input validation vulnerability. The CWE definition for the vulnerability is CWE-20. The product receives input or data, but it does
not validate or incorrectly validates that the input has the
properties that are required to process the data safely and
correctly. As an impact it is known to affect availability. The summary by CVE is:
Cisco IOS XE 2.x and 3.x before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) allows remote attackers to cause a denial of service (card reload) by sending many crafted L2TP packets, aka Bug ID CSCtz23293.
The weakness was disclosed 04/10/2013 with Cisco as cisco-sa-20130410-asr1000 as confirmed advisory (Website). It is possible to read the advisory at tools.cisco.com. The public release has been coordinated in cooperation with Cisco. This vulnerability is known as CVE-2013-1165 since 01/11/2013. The exploitation appears to be easy. The attack can be launched remotely. The exploitation doesn't need any form of authentication. The technical details are unknown and an exploit is not publicly available.
The vulnerability scanner Nessus provides a plugin with the ID 67218 (Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers (cisco-sa-20130410-asr1000)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family CISCO.
Upgrading to version 3.4.5S eliminates this vulnerability. The upgrade is hosted for download at tools.cisco.com. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (83368), Tenable (67218), SecurityFocus (BID 59007†), OSVDB (92207†) and Secunia (SA53011†). The entries VDB-8223, VDB-8224, VDB-8225 and VDB-8226 are pretty similar. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.cisco.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.5VulDB Meta Temp Score: 7.2
VulDB Base Score: 7.5
VulDB Temp Score: 7.2
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Input validationCWE: CWE-20
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 67218
Nessus Name: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers (cisco-sa-20130410-asr1000)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Upgrade: IOS XE 3.4.5S
Timeline
01/11/2013 🔍04/10/2013 🔍
04/10/2013 🔍
04/10/2013 🔍
04/10/2013 🔍
04/11/2013 🔍
04/11/2013 🔍
04/11/2013 🔍
04/11/2013 🔍
04/14/2013 🔍
05/08/2021 🔍
Sources
Vendor: cisco.comAdvisory: cisco-sa-20130410-asr1000
Organization: Cisco
Status: Confirmed
Coordinated: 🔍
CVE: CVE-2013-1165 (🔍)
GCVE (CVE): GCVE-0-2013-1165
GCVE (VulDB): GCVE-100-8227
IAVM: 🔍
X-Force: 83368
SecurityFocus: 59007 - Cisco IOS XE L2TP Traffic Remote Denial of Service Vulnerability
Secunia: 53011 - Cisco IOS XE 1000 Series ASR Denial of Service Vulnerabilities, Moderately Critical
OSVDB: 92207
SecurityTracker: 1028418 - Cisco IOS XE for 1000 Series Aggregation Services Routers Lets Remote Users Deny Service
Vulnerability Center: 39090 - [cisco-sa-20130410-asr1000] Cisco IOS XE 2.x and 3.x Remote DoS via Crafted L2TP Packets, High
scip Labs: https://www.scip.ch/en/?labs.20150108
See also: 🔍
Entry
Created: 04/11/2013 11:47Updated: 05/08/2021 08:22
Changes: 04/11/2013 11:47 (72), 04/27/2017 08:29 (12), 05/08/2021 08:22 (3)
Complete: 🔍
Committer:
Cache ID: 216::103
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.