Cisco uBR10000 Series IPv4/IPv6 Dual Stack Vulnerability

2013-04-11T21:00:00
ID CISCO-SA-20130411-CVE-2013-1189
Type cisco
Reporter Cisco
Modified 2013-04-11T20:59:41

Description

Cisco uBR10000 Series Universal Broadband Routers contain a vulnerability that could allow an unauthenticated, adjacent attacker to trigger the reload of the routing engine on the affected device.

An attacker could exploit this vulnerability by manipulating IPv4 and IPv6 address assignments on a dual-stack modem connected to the affected device.

Cisco has confirmed the vulnerability in a security notice and software updates are available.

To exploit the vulnerability, a dual-stack modem must be connected to an affected device. In addition, an attacker must have access to a trusted, internal network to manipulate the modem in a manner to trigger the vulnerability. This access requirement may reduce the likelihood of a successful attack.