CVE-2013-1143

Severity Score

7.1

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic engineering PATH message in an RSVP packet, aka Bug ID CSCtg39957.

La implementación del protocolo RSVP en Cisco IOS 12.2 y 15.0 a la 15.2 e IOS XE 3.1.xS a la 3.4.xS anteior a 3.4.5S y 3.5.xS a la 3.7.xS anterior a 3.7.2S, cuando está activado MPLS-TE, permite a atacantes remotos provocar una denegación de servicio (acceso incorrecto a memoria y recarga de dispositivo) a través de un mensaje del tipo "traffic engineering PATH" en un paquete RSVP. Aka Bug ID CSCtg39957.

*Credits: N/A

CVSS Scores

NISTv2 7.1

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2013-01-11 CVE Reserved
2013-03-28 CVE Published
2024-09-17 CVE Updated
2024-09-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CAPEC

References (2)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-rsvp	2013-03-29
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1143	2013-03-29

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.2 Search vendor "Cisco" for product "Ios" and version "12.2"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				15.0 Search vendor "Cisco" for product "Ios" and version "15.0"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				15.0\(1\)se Search vendor "Cisco" for product "Ios" and version "15.0\(1\)se"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				15.1 Search vendor "Cisco" for product "Ios" and version "15.1"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				15.2 Search vendor "Cisco" for product "Ios" and version "15.2"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				15.3 Search vendor "Cisco" for product "Ios" and version "15.3"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.1.0s Search vendor "Cisco" for product "Ios Xe" and version "3.1.0s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.1.1s Search vendor "Cisco" for product "Ios Xe" and version "3.1.1s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.1.2s Search vendor "Cisco" for product "Ios Xe" and version "3.1.2s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.1.3s Search vendor "Cisco" for product "Ios Xe" and version "3.1.3s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.1.4s Search vendor "Cisco" for product "Ios Xe" and version "3.1.4s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.2.0s Search vendor "Cisco" for product "Ios Xe" and version "3.2.0s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.2.1s Search vendor "Cisco" for product "Ios Xe" and version "3.2.1s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.2.2s Search vendor "Cisco" for product "Ios Xe" and version "3.2.2s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.3.0s Search vendor "Cisco" for product "Ios Xe" and version "3.3.0s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.3.1s Search vendor "Cisco" for product "Ios Xe" and version "3.3.1s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.3.2s Search vendor "Cisco" for product "Ios Xe" and version "3.3.2s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.3.3s Search vendor "Cisco" for product "Ios Xe" and version "3.3.3s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.4.0s Search vendor "Cisco" for product "Ios Xe" and version "3.4.0s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.4.1s Search vendor "Cisco" for product "Ios Xe" and version "3.4.1s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.4.2s Search vendor "Cisco" for product "Ios Xe" and version "3.4.2s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.4.3s Search vendor "Cisco" for product "Ios Xe" and version "3.4.3s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.5.0s Search vendor "Cisco" for product "Ios Xe" and version "3.5.0s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.5.1s Search vendor "Cisco" for product "Ios Xe" and version "3.5.1s"		-		Affected
Cisco Search vendor "Cisco"		Ios Xe Search vendor "Cisco" for product "Ios Xe"				3.5.2s Search vendor "Cisco" for product "Ios Xe" and version "3.5.2s"		-		Affected