PT-2013-6092 · Cisco · Cisco Ios Xe

Published

2013-11-29

Updated

2016-11-02

CVE-2013-6706

CVSS v2.0

5.4

Medium

Vector

AV:N/AC:H/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Cisco IOS XE (affected versions not specified)

Description A denial of service issue exists due to improper handling of Multiprotocol Label Switching (MPLS) packets during IP header validation. This could allow an unauthenticated, remote attacker to cause an affected device to reload, leading to a denial of service condition. The vulnerability is triggered by sending crafted MPLS packets to an affected device, which can cause the device to reload. The attacker may need access to trusted, internal networks to send these packets.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2013-6706

Affected Products

Cisco Ios Xe

PT-2013-6092 · Cisco · Cisco Ios Xe

CVE-2013-6706

Weakness Enumeration

Related Identifiers

Affected Products

References · 8