CVE-2013-3436

Name of the Vulnerable Software and Affected Versions Cisco IOS (affected versions not specified)

Description The default configuration of the Group Encrypted Transport VPN (GET VPN) feature uses an improper mechanism for enabling Group Domain of Interpretation (GDOI) traffic flow. This allows remote attackers to bypass the encryption policy via certain uses of UDP port 848.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.