Lucene search

[email protected]CVE-2013-6704

HistoryDec 03, 2013 - 7:56 p.m.

CVE-2013-6704

2013-12-0319:56:32

CWE-399

[email protected]

web.nvd.nist.gov

cisco

ios xe

memory management

vulnerability

tftp

udp

denial of service

cve-2013-6704

nvd

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

Confidence

High

EPSS

0.001

Percentile

48.6%

JSON

Cisco IOS XE does not properly manage memory for TFTP UDP flows, which allows remote attackers to cause a denial of service (memory consumption) via TFTP (1) client or (2) server traffic, aka Bug IDs CSCuh09324 and CSCty42686.

Affected configurations

NVD

Node

ciscoios_xeMatch-

VendorProductVersionCPE
ciscoios_xe-cpe:/o:cisco:ios_xe:-:::

Vendor	Product	Version	CPE
cisco	ios_xe	-	cpe:/o:cisco:ios_xe:-:::

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6704

www.securitytracker.com/id/1029424

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

Confidence

High

EPSS

0.001

Percentile

48.6%

JSON

Related for CVE-2013-6704

prion1 cvelist1 nessus1 nvd1 cisco1