CVE-2013-5548

Name of the Vulnerable Software and Affected Versions Cisco IOS (affected versions not specified)

Description The issue allows remote attackers to bypass certain IPsec anti-replay features via IPsec tunnel traffic when AES-GCM or AES-GMAC is used. This occurs due to improper coding of the logic required to enable or disable the anti-replay capabilities of an IPsec Phase 2 SA. An attacker could exploit this by sending traffic that will traverse an IPsec tunnel, potentially allowing the replay of previously sent traffic if the application consuming the traffic does not implement its own sequence or anti-replay checks. Neither the confidentiality nor the authentication capabilities of IPsec are affected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.