Lucene search

CiscoCISCO-SA-20130327-RSVP

HistoryMar 27, 2013 - 4:00 p.m.

Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability

2013-03-2716:00:00

tools.cisco.com

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

52.0%

JSON

The Resource Reservation Protocol (RSVP) feature in Cisco IOS Software and Cisco IOS XE Software contains a vulnerability when used on a device that has Multiprotocol Label Switching with Traffic Engineering (MPLS-TE) enabled. Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to cause a reload of the affected device. Repeated exploitation could result in a sustained denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are no workarounds available to mitigate this vulnerability. This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-rsvp[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-rsvp”]

Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication.

Individual publication links are in “Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication” at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html[“http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html”]

Affected configurations

Vulners

Node

ciscoiosMatch12.2se

ciscoiosMatch12.2zi

ciscoiosMatch12.2ex

ciscoiosMatch12.2ez

ciscoiosMatch12.2sre

ciscoiosMatch15.0s

ciscoiosMatch15.2s

ciscoiosMatch15.1s

ciscoiosMatch15.0se

ciscoiosMatch15.1sg

ciscoiosMatch15.0mr

ciscoiosMatch15.1sy

ciscoiosMatch15.1mra

ciscoiosMatch15.2sc

ciscoiosMatch15.2sd

ciscoiosMatch15.1svg

ciscoiosMatch15.1svh

ciscoiosMatch15.1svi

ciscoiosMatch15.1svj

ciscoiosMatch15.1svr

ciscoiosMatch15.1svs

ciscoiosMatch15.1svt

ciscoiosMatch15.1svu

ciscoiosMatch15.1svv

ciscoiosMatch15.1svw

ciscoiosMatch15.1svx

ciscocisco_iosMatch3.7sxe

ciscoiosMatch12.2\(58\)se

ciscoiosMatch12.2\(58\)se1

ciscoiosMatch12.2\(58\)se2

ciscoiosMatch12.2\(33\)zi

ciscoiosMatch12.2\(58\)ex

ciscoiosMatch12.2\(58\)ez

ciscoiosMatch12.2\(33\)sre1

ciscoiosMatch12.2\(33\)sre2

ciscoiosMatch12.2\(33\)sre3

ciscoiosMatch12.2\(33\)sre4

ciscoiosMatch12.2\(33\)sre

ciscoiosMatch12.2\(33\)sre0a

ciscoiosMatch12.2\(33\)sre5

ciscoiosMatch12.2\(33\)sre6

ciscoiosMatch12.2\(33\)sre7

ciscoiosMatch12.2\(33\)sre7a

ciscoiosMatch15.0\(1\)s2

ciscoiosMatch15.0\(1\)s1

ciscoiosMatch15.0\(1\)s

ciscoiosMatch15.0\(1\)s3a

ciscoiosMatch15.0\(1\)s4

ciscoiosMatch15.0\(1\)s5

ciscoiosMatch15.0\(1\)s4a

ciscoiosMatch15.0\(1\)s6

ciscoiosMatch15.2\(1\)s

ciscoiosMatch15.2\(2\)s

ciscoiosMatch15.2\(1\)s1

ciscoiosMatch15.2\(4\)s

ciscoiosMatch15.2\(1\)s2

ciscoiosMatch15.2\(2\)s1

ciscoiosMatch15.2\(2\)s2

ciscoiosMatch15.2\(2\)s0a

ciscoiosMatch15.2\(2\)s0c

ciscoiosMatch15.2\(2\)s0d

ciscoiosMatch15.2\(4\)s1

ciscoiosMatch15.2\(4\)s0c

ciscoiosMatch15.1\(2\)s

ciscoiosMatch15.1\(1\)s

ciscoiosMatch15.1\(1\)s1

ciscoiosMatch15.1\(3\)s

ciscoiosMatch15.1\(1\)s2

ciscoiosMatch15.1\(2\)s1

ciscoiosMatch15.1\(2\)s2

ciscoiosMatch15.1\(3\)s1

ciscoiosMatch15.1\(3\)s0a

ciscoiosMatch15.1\(3\)s2

ciscoiosMatch15.1\(3\)s4

ciscoiosMatch15.1\(3\)s3

ciscoiosMatch15.0\(1\)se

ciscoiosMatch15.0\(2\)se

ciscoiosMatch15.0\(1\)se1

ciscoiosMatch15.0\(1\)se2

ciscoiosMatch15.0\(1\)se3

ciscoiosMatch15.1\(1\)sg

ciscoiosMatch15.1\(2\)sg

ciscoiosMatch15.1\(1\)sg1

ciscoiosMatch15.1\(1\)sg2

ciscoiosMatch15.1\(2\)sg1

ciscoiosMatch15.1\(2\)sg2

ciscoiosMatch15.1\(2\)sg3

ciscoiosMatch15.1\(2\)sg4

ciscoiosMatch15.1\(2\)sg5

ciscoiosMatch15.1\(2\)sg6

ciscoiosMatch15.1\(2\)sg7

ciscoiosMatch15.0\(1\)mr

ciscoiosMatch15.0\(2\)mr

ciscoiosMatch15.1\(1\)sy

ciscoiosMatch15.1\(3\)mra

ciscoiosMatch15.2\(1\)sc1a

ciscoiosMatch15.2\(2\)sc

ciscoiosMatch15.2\(2\)sc1

ciscoiosMatch15.2\(2\)sc3

ciscoiosMatch15.2\(2\)sc4

ciscoiosMatch15.2\(1\)sd1

ciscoiosMatch15.2\(1\)sd2

ciscoiosMatch15.2\(1\)sd3

ciscoiosMatch15.2\(1\)sd4

ciscoiosMatch15.2\(1\)sd6

ciscoiosMatch15.2\(1\)sd6a

ciscoiosMatch15.2\(1\)sd7

ciscoiosMatch15.2\(1\)sd8

ciscoiosMatch15.1\(3\)svg

ciscoiosMatch15.1\(3\)svg2

ciscoiosMatch15.1\(3\)svg3

ciscoiosMatch15.1\(3\)svg1b

ciscoiosMatch15.1\(3\)svg1c

ciscoiosMatch15.1\(3\)svg3a

ciscoiosMatch15.1\(3\)svg3b

ciscoiosMatch15.1\(3\)svg3c

ciscoiosMatch15.1\(3\)svg2a

ciscoiosMatch15.1\(3\)svg1a

ciscoiosMatch15.1\(3\)svh

ciscoiosMatch15.1\(3\)svh2

ciscoiosMatch15.1\(3\)svh4

ciscoiosMatch15.1\(3\)svh4a

ciscoiosMatch15.1\(3\)svi2

ciscoiosMatch15.1\(3\)svi1a

ciscoiosMatch15.1\(3\)svi2a

ciscoiosMatch15.1\(3\)svi3

ciscoiosMatch15.1\(3\)svi31a

ciscoiosMatch15.1\(3\)svi31b

ciscoiosMatch15.1\(3\)svi3b

ciscoiosMatch15.1\(3\)svi3c

ciscoiosMatch15.1\(3\)svj

ciscoiosMatch15.1\(3\)svj2

ciscoiosMatch15.1\(3\)svr1

ciscoiosMatch15.1\(3\)svr2

ciscoiosMatch15.1\(3\)svr3

ciscoiosMatch15.1\(3\)svs

ciscoiosMatch15.1\(3\)svs1

ciscoiosMatch15.1\(3\)svt1

ciscoiosMatch15.1\(3\)svt2

ciscoiosMatch15.1\(3\)svt3

ciscoiosMatch15.1\(3\)svt4

ciscoiosMatch15.1\(3\)svu1

ciscoiosMatch15.1\(3\)svu10

ciscoiosMatch15.1\(3\)svu2

ciscoiosMatch15.1\(3\)svu11

ciscoiosMatch15.1\(3\)svu21

ciscoiosMatch15.1\(3\)svv1

ciscoiosMatch15.1\(3\)svv2

ciscoiosMatch15.1\(3\)svv3

ciscoiosMatch15.1\(3\)svv4

ciscoiosMatch15.1\(3\)svw

ciscoiosMatch15.1\(3\)svw1

ciscoiosMatch15.1\(3\)svx

ciscoiosMatch15.1\(3\)svx1

ciscocisco_iosMatch3.7.0sxe

ciscocisco_iosMatch3.7.1sxe

CPENameOperatorVersion
ioseq12.2SE
ioseq12.2ZI
ioseq12.2EX
ioseq12.2EZ
ioseq12.2SRE
ioseq15.0S
ioseq15.2S
ioseq15.1S
ioseq15.0SE
ioseq15.1SG

Name	Operator	Version
ios	eq	12.2SE
ios	eq	12.2ZI
ios	eq	12.2EX
ios	eq	12.2EZ
ios	eq	12.2SRE
ios	eq	15.0S
ios	eq	15.2S
ios	eq	15.1S
ios	eq	15.0SE
ios	eq	15.1SG

Rows per page:

1-10 of 1561

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-rsvp

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

52.0%

JSON

Related for CISCO-SA-20130327-RSVP