CVE-2013-6694

Name of the Vulnerable Software and Affected Versions Cisco IOS (affected versions not specified)

Description A vulnerability in the IPSec tunnel implementation allows an unauthenticated, remote attacker to change the tunnel MTU or path MTU and potentially cause IPSec tunnels to drop. This is due to incorrect processing of certain ICMP packets. An attacker could exploit this by sending specific ICMP packets to an affected device, changing the configured MTU value of the tunnel interface. The attacker may need access to trusted, internal networks to send these packets.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.