PT-2013-6218 · Cisco · Cisco IOS XE

Published 2013-12-24 · Updated 2016-09-15 · CVE-2013-6981

CVSS v2.0: 5.4 (Medium)

Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE versions 3.7S(.1) and earlier

Description: A vulnerability in the Multiprotocol Label Switching (MPLS) IP fragmentation function could allow an unauthenticated, remote attacker to cause the Cisco Packet Processor to crash. The issue is due to improper input validation when processing crafted MPLS IP packets. An attacker could exploit this by injecting specially crafted MPLS IP packets that are subject to MPLS fragmentation, potentially crashing the Cisco Packet Processor process in Cisco IOS XE software. To exploit this, an attacker would likely need access to trusted, internal networks to send crafted packets to the targeted device.

Recommendations: For Cisco IOS XE versions 3.7S(.1) and earlier, update to a newer version that includes the fix for this issue, as indicated by Cisco's security notice and software updates. As a temporary workaround, consider restricting access to internal networks to minimize the risk of exploitation.

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

CVE-2013-6981

Affected Products

Cisco IOS XE