CVE-2013-5545

2022-10-0316:14:55

CWE-20

[email protected]

web.nvd.nist.gov

cve-2013-5545

pptp

alg

cisco ios xe

denial of service

nat

bug id cscuh19936

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.5%

JSON

The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936.

Affected configurations

NVD

Node

ciscoios_xeMatch3.9.0s

ciscoios_xeMatch3.9.1s

AND

ciscoasr_1001Match-

ciscoasr_1002Match-

ciscoasr_1002-xMatch-

ciscoasr_1004Match-

ciscoasr_1006Match-

ciscoasr_1023_routerMatch-

CPENameOperatorVersion
cisco:ios_xecisco ios xeeq3.9.0s
cisco:ios_xecisco ios xeeq3.9.1s
cisco:asr_1001cisco asr 1001eq-
cisco:asr_1002cisco asr 1002eq-
cisco:asr_1002-xcisco asr 1002-xeq-
cisco:asr_1004cisco asr 1004eq-
cisco:asr_1006cisco asr 1006eq-
cisco:asr_1023_routercisco asr 1023 routereq-

CPE	Name	Operator	Version
cisco:ios_xe	cisco ios xe	eq	3.9.0s
cisco:ios_xe	cisco ios xe	eq	3.9.1s
cisco:asr_1001	cisco asr 1001	eq	-
cisco:asr_1002	cisco asr 1002	eq	-
cisco:asr_1002-x	cisco asr 1002-x	eq	-
cisco:asr_1004	cisco asr 1004	eq	-
cisco:asr_1006	cisco asr 1006	eq	-
cisco:asr_1023_router	cisco asr 1023 router	eq	-