Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug ID CSCtt26470.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
05 Oct 2021, 14:51
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:cisco:asr_1002-x_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1002_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1004_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1001_router:-:*:*:*:*:*:*:* |
cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:* |
Information
Published : 2013-10-31 21:55
Updated : 2024-02-04 18:16
NVD link : CVE-2013-5543
Mitre link : CVE-2013-5543
CVE.ORG link : CVE-2013-5543
JSON object : View
Products Affected
cisco
- ios_xe
- asr_1006
- asr_1001
- asr_1002-x
- asr_1023_router
- asr_1004
- asr_1002
CWE
CWE-20
Improper Input Validation