Skip to main content

Intrusion Prevention System CVE-2013-3411

HIGH
2013-07-18 psirt@cisco.com
7.8
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:N/C:N/I:N/A:C
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
None
Availability
C

Lifecycle Timeline

1
CVE Published
Jul 18, 2013 - 12:48 cve.org
HIGH 7.8

DescriptionCVE.org

The IDSM-2 drivers in Cisco Intrusion Prevention System (IPS) Software on Cisco Catalyst 6500 devices with an IDSM-2 module allow remote attackers to cause a denial of service (device hang) via malformed IPv4 TCP packets, aka Bug ID CSCuh27460.

AnalysisAI

The IDSM-2 drivers in Cisco Intrusion Prevention System (IPS) Software on Cisco Catalyst 6500 devices with an IDSM-2 module allow remote attackers to cause a denial of service (device hang) via. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

The IDSM-2 drivers in Cisco Intrusion Prevention System (IPS) Software on Cisco Catalyst 6500 devices with an IDSM-2 module allow remote attackers to cause a denial of service (device hang) via malformed IPv4 TCP packets, aka Bug ID CSCuh27460. Affected products include: Cisco Intrusion Prevention System, Cisco Idsm-2.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2013-3410 HIGH
7.8 Jul 18

Cisco Intrusion Prevention System (IPS) Software on IPS NME devices before 7.0(9)E4 allows remote attackers to cause a d

CVE-2013-1243 HIGH
7.8 Jul 18

The IP stack in Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software and hardware modules bef

CVE-2013-1218 HIGH
7.8 Jul 18

Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software modules before 7.1(7)sp1E4 allows remote

CVE-2015-0654 HIGH
7.1 Mar 13

Race condition in the TLS implementation in MainApp in the management interface in Cisco Intrusion Prevention System (IP

CVE-2014-3406 HIGH
7.1 Oct 19

Race condition in the IP logging feature in Cisco Intrusion Prevention System (IPS) Software 7.1(7)E4 and earlier allows

CVE-2014-2103 MEDIUM
6.8 Feb 27

Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process o

CVE-2014-3402 MEDIUM
5.0 Oct 10

The authentication-manager process in the web framework in Cisco Intrusion Prevention System (IPS) 7.0(8)E4 and earlier

CVE-2012-3901 MEDIUM
5.0 Sep 16

The updateTime function in sensorApp on Cisco IPS 4200 series sensors 7.0 and 7.1 allows remote attackers to cause a den

CVE-2012-3899 MEDIUM
5.0 Sep 16

sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, which allows remote atta

CVE-2013-5497 MEDIUM
4.3 Sep 19

The authentication manager process in the web framework in Cisco Intrusion Prevention System (IPS) does not properly han

CVE-2013-1219 MEDIUM
4.4 Apr 29

SensorApp in Cisco Intrusion Prevention System (IPS) allows local users to cause a denial of service (Regex hardware job

Share

CVE-2013-3411 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy