Vulnerability Description
The ISM module in Cisco IOS on ISR G2 routers does not properly handle authentication-header packets, which allows remote authenticated users to cause a denial of service (module reload) via a series of malformed packets, aka Bug ID CSCub92025.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios | - |
| Cisco | 1921 Integrated Services Router | - |
| Cisco | 1941 Integrated Services Router | - |
| Cisco | 1941W Integrated Services Router | - |
| Cisco | 2901 Integrated Services Router | - |
| Cisco | 2911 Integrated Services Router | - |
| Cisco | 2921 Integrated Services Router | - |
| Cisco | 2951 Integrated Services Router | - |
| Cisco | 3925 Integrated Services Router | - |
| Cisco | 3925E Integrated Services Router | - |
| Cisco | 3945 Integrated Services Router | - |
| Cisco | 3945E Integrated Services Router | - |
| Cisco | 861 Integrated Services Router | - |
| Cisco | 867 Integrated Services Router | - |
| Cisco | 880 3G Integrated Services Router | - |
| Cisco | 881 Integrated Services Router | - |
| Cisco | 886 Integrated Services Router | - |
| Cisco | 886Va-W Integrated Services Router | - |
| Cisco | 886Va Integrated Services Router | - |
| Cisco | 887 Integrated Services Router | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1241Vendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1241Vendor Advisory
FAQ
What is CVE-2013-1241?
CVE-2013-1241 is a vulnerability with a CVSS score of 6.3 (MEDIUM). The ISM module in Cisco IOS on ISR G2 routers does not properly handle authentication-header packets, which allows remote authenticated users to cause a denial of service (module reload) via a series ...
How severe is CVE-2013-1241?
CVE-2013-1241 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-1241?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios, Cisco 1921 Integrated Services Router, Cisco 1941 Integrated Services Router, Cisco 1941W Integrated Services Router, Cisco 2901 Integrated Services Router.