Details of VAR-201303-0389

ID

VAR-201303-0389

CVE

CVE-2013-1142

TITLE

Cisco IOS of VRF-aware NAT Service disruption in functionality ( Memory consumption ) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-002080

DESCRIPTION

Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 allows remote attackers to cause a denial of service (memory consumption) via IPv4 packets, aka Bug IDs CSCtg47129 and CSCtz96745. Cisco IOS is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to reload or become unresponsive, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCtg47129. Cisco IOS is an operating system developed by Cisco in the United States for its network equipment

Trust: 1.98

sources: NVD: CVE-2013-1142 // JVNDB: JVNDB-2013-002080 // BID: 58745 // VULHUB: VHN-61144

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	lte	version:	12.4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	gte	version:	15.0	Trust: 1.0
vendor:	cisco	model:	ios	scope:	gte	version:	12.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	lte	version:	15.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2 to 12.4	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	15.0 to 15.2	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	12.2zm	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2zq	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2zn	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2zo	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2zh	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2zx	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2zi	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2zj	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2zk	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2zya	Trust: 0.6
vendor:	cisco	model:	ios 15.2s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1ey	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.0sy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.0mr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.0m	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4yg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4ye	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4yb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4ya	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.4xv	Trust: 0.3
vendor:	cisco	model:	ios 12.4xt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4sw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4mrb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4mdb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4mda	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4md	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4gc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4 t8)	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3za	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ys	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ym	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xx	Trust: 0.3
vendor:	cisco	model:	ios 12.3xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3tpc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3jk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xo	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sre	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2srd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2src	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2srb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sra	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sga	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2seg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2scf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2irh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2irg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2irf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ird	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2irc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2irb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ira	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2fz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2fy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2fx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ez	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ey	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ex	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ewa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ew	scope:	-	version:	-	Trust: 0.3

sources: BID: 58745 // JVNDB: JVNDB-2013-002080 // CNNVD: CNNVD-201303-562 // NVD: CVE-2013-1142

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-1142
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-1142
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201303-562
value:	HIGH
Trust: 0.6
VULHUB:	VHN-61144
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-1142
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-61144
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-61144 // JVNDB: JVNDB-2013-002080 // CNNVD: CNNVD-201303-562 // NVD: CVE-2013-1142

PROBLEMTYPE DATA

problemtype:

CWE-362

Trust: 1.9

sources: VULHUB: VHN-61144 // JVNDB: JVNDB-2013-002080 // NVD: CVE-2013-1142

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201303-562

TYPE

competition condition problem

Trust: 0.6

sources: CNNVD: CNNVD-201303-562

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-002080

PATCH

title:	cisco-sa-20130327-nat	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-nat	Trust: 0.8
title:	Cisco IOS Software VRF-Aware NAT Memory Starvation Vulnerability	url:	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1142	Trust: 0.8
title:	cisco-sa-20130327-nat	url:	http://www.cisco.com/cisco/web/support/JP/111/1117/1117675_cisco-sa-20130327-nat-j.html	Trust: 0.8
title:	Cisco IOS Network Address Translation Remediation measures for remote denial of service vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=125163	Trust: 0.6

sources: JVNDB: JVNDB-2013-002080 // CNNVD: CNNVD-201303-562

EXTERNAL IDS

db:	NVD	id:	CVE-2013-1142	Trust: 2.8
db:	JVNDB	id:	JVNDB-2013-002080	Trust: 0.8
db:	CNNVD	id:	CNNVD-201303-562	Trust: 0.7
db:	BID	id:	58745	Trust: 0.4
db:	VULHUB	id:	VHN-61144	Trust: 0.1

sources: VULHUB: VHN-61144 // BID: 58745 // JVNDB: JVNDB-2013-002080 // CNNVD: CNNVD-201303-562 // NVD: CVE-2013-1142

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130327-nat	Trust: 1.7
url:	http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-1142	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1142	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1142	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-61144 // BID: 58745 // JVNDB: JVNDB-2013-002080 // CNNVD: CNNVD-201303-562 // NVD: CVE-2013-1142

CREDITS

Cisco

Trust: 0.9

sources: BID: 58745 // CNNVD: CNNVD-201303-562

SOURCES

db:	VULHUB	id:	VHN-61144
db:	BID	id:	58745
db:	JVNDB	id:	JVNDB-2013-002080
db:	CNNVD	id:	CNNVD-201303-562
db:	NVD	id:	CVE-2013-1142

LAST UPDATE DATE

2025-04-11T23:12:01.354000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-61144	date:	2020-07-28T00:00:00
db:	BID	id:	58745	date:	2015-03-19T09:05:00
db:	JVNDB	id:	JVNDB-2013-002080	date:	2013-04-23T00:00:00
db:	CNNVD	id:	CNNVD-201303-562	date:	2020-07-29T00:00:00
db:	NVD	id:	CVE-2013-1142	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-61144	date:	2013-03-28T00:00:00
db:	BID	id:	58745	date:	2013-03-27T00:00:00
db:	JVNDB	id:	JVNDB-2013-002080	date:	2013-04-01T00:00:00
db:	CNNVD	id:	CNNVD-201303-562	date:	2013-03-28T00:00:00
db:	NVD	id:	CVE-2013-1142	date:	2013-03-28T23:55:01.547