Summary
Cisco IOS XR Software is prone to a denial-of-service vulnerability.
Impact
Successfully exploiting this issue may allow an attacker to cause a denial-of-service condition.
Solution
Updates are available. Please see the references or vendor advisory for more information.
Insight
This issue is being tracked by Cisco Bug ID CSCuh30380.
Affected
Cisco IOS XR 3.3.0 through versions 4.2.0 are vulnerable. Customers that are running version 4.2.1 or later of Cisco IOS XR Software, or that have previously installed the Software Maintenance Upgrades (SMU) for Cisco bug ID CSCtz62593 are not affected by this vulnerability.
Detection
Check the IOS XR Version
References
Severity
Classification
-
CVE CVE-2013-5549 -
CVSS Base Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- Cisco IOS XR Software Fragmented Packets Processing Denial of Service Vulnerability
- CISCO Secure ACS Management Interface Login Overflow
- Cisco TelePresence TC and TE Software Multiple Security Vulnerabilities
- Cisco VG248 login password is blank
- Multiple Cisco Products Multiple Remote Buffer Overflow Vulnerabilities