ID

VAR-201303-0393


CVE

CVE-2013-1146


TITLE

Service operation interruption (device reload) vulnerability in the Smart Install client function of Cisco IOS

Trust: 0.8

sources: JVNDB: JVNDB-2013-002084

DESCRIPTION

The Smart Install client functionality in Cisco IOS 12.2 and 15.0 through 15.3 on Catalyst switches allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in Smart Install packets, aka Bug ID CSCub55790. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco IOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Smart Install client. A specially crafted packet can be sent to the SMI IBC server to instruct it to download the IOS config file and IOS image file(s). The attacker can specify a user account with highest access in the config file, allowing them to take complete control of the switch. An attacker can exploit this issue to cause an affected device to reload or become unresponsive, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCub55790. Cisco IOS is an operating system developed by Cisco in the United States for its network equipment.

Trust: 2.61

sources: NVD: CVE-2013-1146 // JVNDB: JVNDB-2013-002084 // ZDI: ZDI-13-056 // BID: 58746 // VULHUB: VHN-61148

AFFECTED PRODUCTS

vendor: cisco | model: ios | scope: eq | version: 12.2

Trust: 2.4

vendor: cisco | model: ios | scope: eq | version: 15.2

Trust: 1.6

vendor: cisco | model: ios | scope: eq | version: 15.0

Trust: 1.6

vendor: cisco | model: ios | scope: eq | version: 15.0(1)se

Trust: 1.6

vendor: cisco | model: ios | scope: eq | version: 15.3

Trust: 1.6

vendor: cisco | model: ios | scope: eq | version: 15.1

Trust: 1.6

vendor: cisco | model: ios | scope: eq | version: 15.0 to 15.3

Trust: 0.8

vendor: cisco | model: ios | scope: - | version: -

Trust: 0.7

vendor: cisco | model: ios 15.2gc | scope: - | version: -

Trust: 0.3

vendor: cisco | model: ios 15.1gc | scope: - | version: -

Trust: 0.3

vendor: cisco | model: ios 15.0se | scope: - | version: -

Trust: 0.3

vendor: cisco | model: ios 12.2ez | scope: - | version: -

Trust: 0.3

vendor: cisco | model: ios 12.2ey | scope: - | version: -

Trust: 0.3

vendor: cisco | model: ios 12.2ex | scope: - | version: -

Trust: 0.3

vendor: cisco | model: ios 15.2s | scope: ne | version: -

Trust: 0.3

vendor: cisco | model: ios 12.2 ex | scope: ne | version: -

Trust: 0.3

sources: ZDI: ZDI-13-056 // BID: 58746 // JVNDB: JVNDB-2013-002084 // CNNVD: CNNVD-201303-561 // NVD: CVE-2013-1146

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-1146
value: HIGH

Trust: 1.0

NVD: CVE-2013-1146
value: HIGH

Trust: 0.8

ZDI: CVE-2013-1146
value: HIGH

Trust: 0.7

CNNVD: CNNVD-201303-561
value: HIGH

Trust: 0.6

VULHUB: VHN-61148
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2013-1146
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2013-1146
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

VULHUB: VHN-61148
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: ZDI: ZDI-13-056 // VULHUB: VHN-61148 // JVNDB: JVNDB-2013-002084 // CNNVD: CNNVD-201303-561 // NVD: CVE-2013-1146

PROBLEMTYPE DATA

problemtype: CWE-119

Trust: 1.9

sources: VULHUB: VHN-61148 // JVNDB: JVNDB-2013-002084 // NVD: CVE-2013-1146

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201303-561

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201303-561

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-002084

PATCH

title: cisco-sa-20130327-smartinstall | url: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-smartinstall

Trust: 1.5

title: Cisco IOS Software Smart Install Denial of Service Vulnerability | url: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1146

Trust: 0.8

title: 28648 | url: http://tools.cisco.com/security/center/viewAlert.x?alertId=28648

Trust: 0.8

title: cisco-sa-20130327-smartinstall | url: http://www.cisco.com/cisco/web/support/JP/111/1117/1117673_cisco-sa-20130327-smartinstall-j.html

Trust: 0.8

sources: ZDI: ZDI-13-056 // JVNDB: JVNDB-2013-002084

EXTERNAL IDS

db: NVD | id: CVE-2013-1146

Trust: 3.5

db: ZDI | id: ZDI-13-056

Trust: 1.0

db: BID | id: 58746

Trust: 1.0

db: JVNDB | id: JVNDB-2013-002084

Trust: 0.8

db: ZDI_CAN | id: ZDI-CAN-1568

Trust: 0.7

db: CNNVD | id: CNNVD-201303-561

Trust: 0.7

db: CISCO | id: 20130327 CISCO IOS SOFTWARE SMART INSTALL DENIAL OF SERVICE VULNERABILITY

Trust: 0.6

db: SECUNIA | id: 52777

Trust: 0.6

db: VULHUB | id: VHN-61148

Trust: 0.1

sources: ZDI: ZDI-13-056 // VULHUB: VHN-61148 // BID: 58746 // JVNDB: JVNDB-2013-002084 // CNNVD: CNNVD-201303-561 // NVD: CVE-2013-1146

REFERENCES

url: http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130327-smartinstall

Trust: 2.7

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1146

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1146

Trust: 0.8

url: http://secunia.com/advisories/52777

Trust: 0.6

url: http://www.securityfocus.com/bid/58746

Trust: 0.6

url: http://www.cisco.com/

Trust: 0.3

url: http://www.zerodayinitiative.com/advisories/zdi-13-056/

Trust: 0.3

sources: ZDI: ZDI-13-056 // VULHUB: VHN-61148 // BID: 58746 // JVNDB: JVNDB-2013-002084 // CNNVD: CNNVD-201303-561 // NVD: CVE-2013-1146

CREDITS

Cisco

Trust: 0.9

sources: BID: 58746 // CNNVD: CNNVD-201303-561

SOURCES

db: ZDI | id: ZDI-13-056
db: VULHUB | id: VHN-61148
db: BID | id: 58746
db: JVNDB | id: JVNDB-2013-002084
db: CNNVD | id: CNNVD-201303-561
db: NVD | id: CVE-2013-1146

LAST UPDATE DATE

2025-04-11T23:18:55.153000+00:00


SOURCES UPDATE DATE

db: ZDI | id: ZDI-13-056 | date: 2013-04-09T00:00:00
db: VULHUB | id: VHN-61148 | date: 2013-03-29T00:00:00
db: BID | id: 58746 | date: 2013-04-09T17:38:00
db: JVNDB | id: JVNDB-2013-002084 | date: 2013-04-01T00:00:00
db: CNNVD | id: CNNVD-201303-561 | date: 2013-03-29T00:00:00
db: NVD | id: CVE-2013-1146 | date: 2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db: ZDI | id: ZDI-13-056 | date: 2013-04-09T00:00:00
db: VULHUB | id: VHN-61148 | date: 2013-03-28T00:00:00
db: BID | id: 58746 | date: 2013-03-27T00:00:00
db: JVNDB | id: JVNDB-2013-002084 | date: 2013-04-01T00:00:00
db: CNNVD | id: CNNVD-201303-561 | date: 2013-03-28T00:00:00
db: NVD | id: CVE-2013-1146 | date: 2013-03-28T23:55:01.610