Lucene search

CiscoCISCO-SA-20130327-CCE

HistoryMar 27, 2013 - 4:00 p.m.

Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability

2013-03-2716:00:00

tools.cisco.com

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

49.5%

JSON

Cisco IOS Software contains a memory leak vulnerability that could be triggered through the processing of malformed Session Initiation Protocol (SIP) messages. Exploitation of this vulnerability could cause an interruption of services. Only devices that are configured for SIP inspection are affected by this vulnerability.

Cisco has released software updates that address this vulnerability. There are no workarounds for devices that must run SIP inspection.

This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-cce[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-cce”]

Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication.

Individual publication links are in “Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication” at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html[“http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html”]

Affected configurations

Vulners

Node

ciscoiosMatch12.4mr

ciscoiosMatch12.4t

ciscoiosMatch12.4md

ciscoiosMatch12.4xz

ciscoiosMatch12.4xr

ciscoiosMatch12.4mda

ciscoiosMatch12.4yg

ciscoiosMatch15.0m

ciscoiosMatch15.0xa

ciscoiosMatch15.1t

ciscoiosMatch15.1xb

ciscoiosMatch12.4mrb

ciscoiosMatch15.1m

ciscoiosMatch15.1gc

ciscoiosMatch12.4mdb

ciscoiosMatch12.4\(20\)mr

ciscoiosMatch12.4\(20\)mr2

ciscoiosMatch12.4\(20\)mr1

ciscoiosMatch12.4\(20\)t

ciscoiosMatch12.4\(24\)t

ciscoiosMatch12.4\(24\)t3

ciscoiosMatch12.4\(20\)t1

ciscoiosMatch12.4\(22\)t1

ciscoiosMatch12.4\(24\)t5

ciscoiosMatch12.4\(24\)t4

ciscoiosMatch12.4\(20\)t3

ciscoiosMatch12.4\(22\)t

ciscoiosMatch12.4\(20\)t6

ciscoiosMatch12.4\(24\)t8

ciscoiosMatch12.4\(24\)t2

ciscoiosMatch12.4\(22\)t5

ciscoiosMatch12.4\(22\)t4

ciscoiosMatch12.4\(20\)t5

ciscoiosMatch12.4\(24\)t1

ciscoiosMatch12.4\(24\)t7

ciscoiosMatch12.4\(22\)t3

ciscoiosMatch12.4\(20\)t9

ciscoiosMatch12.4\(24\)t6

ciscoiosMatch12.4\(20\)t5a

ciscoiosMatch12.4\(20\)t2

ciscoiosMatch12.4\(22\)t2

ciscoiosMatch12.4\(20\)t4

ciscoiosMatch12.4\(24\)t4a

ciscoiosMatch12.4\(24\)t4b

ciscoiosMatch12.4\(24\)t3e

ciscoiosMatch12.4\(24\)t4c

ciscoiosMatch12.4\(24\)t4d

ciscoiosMatch12.4\(24\)t4e

ciscoiosMatch12.4\(24\)t3f

ciscoiosMatch12.4\(24\)t4f

ciscoiosMatch12.4\(24\)t4g

ciscoiosMatch12.4\(24\)t4h

ciscoiosMatch12.4\(24\)t4i

ciscoiosMatch12.4\(24\)t4j

ciscoiosMatch12.4\(24\)md1

ciscoiosMatch12.4\(24\)md

ciscoiosMatch12.4\(24\)md3

ciscoiosMatch12.4\(24\)md2

ciscoiosMatch12.4\(22\)md1

ciscoiosMatch12.4\(22\)md2

ciscoiosMatch12.4\(24\)md5

ciscoiosMatch12.4\(22\)md

ciscoiosMatch12.4\(24\)md4

ciscoiosMatch12.4\(24\)md6

ciscoiosMatch12.4\(24\)md7

ciscoiosMatch12.4\(15\)xz

ciscoiosMatch12.4\(15\)xz2

ciscoiosMatch12.4\(15\)xz1

ciscoiosMatch12.4\(22\)xr5

ciscoiosMatch12.4\(22\)xr4

ciscoiosMatch12.4\(22\)xr7

ciscoiosMatch12.4\(22\)xr2

ciscoiosMatch12.4\(22\)xr6

ciscoiosMatch12.4\(22\)xr10

ciscoiosMatch12.4\(22\)xr1

ciscoiosMatch12.4\(22\)xr9

ciscoiosMatch12.4\(22\)xr3

ciscoiosMatch12.4\(22\)xr8

ciscoiosMatch12.4\(22\)xr11

ciscoiosMatch12.4\(22\)xr12

ciscoiosMatch12.4\(24\)mda

ciscoiosMatch12.4\(22\)mda3

ciscoiosMatch12.4\(24\)mda5

ciscoiosMatch12.4\(22\)mda5

ciscoiosMatch12.4\(24\)mda3

ciscoiosMatch12.4\(22\)mda4

ciscoiosMatch12.4\(24\)mda4

ciscoiosMatch12.4\(24\)mda1

ciscoiosMatch12.4\(22\)mda

ciscoiosMatch12.4\(22\)mda2

ciscoiosMatch12.4\(22\)mda1

ciscoiosMatch12.4\(24\)mda2

ciscoiosMatch12.4\(22\)mda6

ciscoiosMatch12.4\(24\)mda6

ciscoiosMatch12.4\(24\)mda7

ciscoiosMatch12.4\(24\)mda8

ciscoiosMatch12.4\(24\)mda10

ciscoiosMatch12.4\(24\)mda9

ciscoiosMatch12.4\(24\)mda11

ciscoiosMatch12.4\(24\)mda12

ciscoiosMatch12.4\(24\)yg3

ciscoiosMatch12.4\(24\)yg4

ciscoiosMatch12.4\(24\)yg1

ciscoiosMatch12.4\(24\)yg2

ciscoiosMatch15.0\(1\)m1

ciscoiosMatch15.0\(1\)m5

ciscoiosMatch15.0\(1\)m4

ciscoiosMatch15.0\(1\)m3

ciscoiosMatch15.0\(1\)m2

ciscoiosMatch15.0\(1\)m6

ciscoiosMatch15.0\(1\)m

ciscoiosMatch15.0\(1\)m7

ciscoiosMatch15.0\(1\)m9

ciscoiosMatch15.0\(1\)m8

ciscoiosMatch15.0\(1\)m6a

ciscoiosMatch15.0\(1\)xa2

ciscoiosMatch15.0\(1\)xa4

ciscoiosMatch15.0\(1\)xa1

ciscoiosMatch15.0\(1\)xa3

ciscoiosMatch15.0\(1\)xa

ciscoiosMatch15.0\(1\)xa5

ciscoiosMatch15.1\(2\)t

ciscoiosMatch15.1\(1\)t4

ciscoiosMatch15.1\(3\)t2

ciscoiosMatch15.1\(1\)t1

ciscoiosMatch15.1\(2\)t0a

ciscoiosMatch15.1\(3\)t3

ciscoiosMatch15.1\(1\)t3

ciscoiosMatch15.1\(2\)t3

ciscoiosMatch15.1\(2\)t4

ciscoiosMatch15.1\(1\)t2

ciscoiosMatch15.1\(3\)t

ciscoiosMatch15.1\(2\)t2a

ciscoiosMatch15.1\(3\)t1

ciscoiosMatch15.1\(1\)t

ciscoiosMatch15.1\(2\)t2

ciscoiosMatch15.1\(2\)t1

ciscoiosMatch15.1\(2\)t5

ciscoiosMatch15.1\(3\)t4

ciscoiosMatch15.1\(1\)t5

ciscoiosMatch15.1\(1\)xb

ciscoiosMatch15.1\(1\)xb3

ciscoiosMatch15.1\(1\)xb1

ciscoiosMatch15.1\(1\)xb2

ciscoiosMatch15.1\(4\)xb4

ciscoiosMatch15.1\(4\)xb5

ciscoiosMatch15.1\(4\)xb6

ciscoiosMatch15.1\(4\)xb5a

ciscoiosMatch15.1\(4\)xb7

ciscoiosMatch15.1\(4\)xb8

ciscoiosMatch15.1\(4\)xb8a

ciscoiosMatch12.4\(20\)mrb

ciscoiosMatch12.4\(20\)mrb1

ciscoiosMatch15.1\(4\)m3

ciscoiosMatch15.1\(4\)m

ciscoiosMatch15.1\(4\)m1

ciscoiosMatch15.1\(4\)m2

ciscoiosMatch15.1\(4\)m5

ciscoiosMatch15.1\(4\)m4

ciscoiosMatch15.1\(4\)m0a

ciscoiosMatch15.1\(4\)m0b

ciscoiosMatch15.1\(4\)m3a

ciscoiosMatch15.1\(2\)gc

ciscoiosMatch15.1\(2\)gc1

ciscoiosMatch15.1\(2\)gc2

ciscoiosMatch15.1\(4\)gc

ciscoiosMatch12.4\(24\)mdb

ciscoiosMatch12.4\(24\)mdb1

ciscoiosMatch12.4\(24\)mdb3

ciscoiosMatch12.4\(24\)mdb4

ciscoiosMatch12.4\(24\)mdb5

ciscoiosMatch12.4\(24\)mdb6

ciscoiosMatch12.4\(24\)mdb7

ciscoiosMatch12.4\(24\)mdb5a

ciscoiosMatch12.4\(24\)mdb8

ciscoiosMatch12.4\(24\)mdb9

ciscoiosMatch12.4\(24\)mdb10

ciscoiosMatch12.4\(24\)mdb11

ciscoiosMatch12.4\(24\)mdb12

CPENameOperatorVersion
ioseq12.4MR
ioseq12.4T
ioseq12.4MD
ioseq12.4XZ
ioseq12.4XR
ioseq12.4MDA
ioseq12.4YG
ioseq15.0M
ioseq15.0XA
ioseq15.1T

Name	Operator	Version
ios	eq	12.4MR
ios	eq	12.4T
ios	eq	12.4MD
ios	eq	12.4XZ
ios	eq	12.4XR
ios	eq	12.4MDA
ios	eq	12.4YG
ios	eq	15.0M
ios	eq	15.0XA
ios	eq	15.1T

Rows per page:

1-10 of 1791

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-cce

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

49.5%

JSON

Related for CISCO-SA-20130327-CCE