Detections
Analytics
Cisco IOS XE OSPF Opaque LSA DoS (CSCui21030)
medium Nessus Plugin ID 78825
Language:
Synopsis
The remote device is affected by a denial of service vulnerability.Description
The remote Cisco device is affected by a denial of service vulnerability due to improper parsing of certain options in OSPF link-state advertisement (LSA) type 11 packets. A remote, unauthenticated attacker, using specially crafted OSPF packets with unusual options can cause a device reload, resulting in a denial of service.Solution
Upgrade to the relevant fixed version referenced in Cisco bug ID CSCui21030.See Also
http://www.nessus.org/u?2a23d9c5
https://tools.cisco.com/security/center/viewAlert.x?alertId=31201
Plugin Details
Severity: Medium
ID: 78825
File Name: cisco-sn-CVE-2013-5527-iosxe.nasl
Version: 1.10
Type: combined
Family: CISCO
Published: 11/3/2014
Updated: 5/3/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5.7
Temporal Score: 4.2
Vector: CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:C
Vulnerability Information
CPE: cpe:/o:cisco:ios_xe
Required KB Items: Host/Cisco/IOS-XE/Version
Exploit Ease: No known exploits are available
Patch Publication Date: 10/10/2014
Vulnerability Publication Date: 10/10/2013
Reference Information
CVE: CVE-2013-5527
BID: 62904
CISCO-BUG-ID: CSCui21030