Sign-up

ID

VAR-201304-0254


CVE

CVE-2013-1189


TITLE

Cisco Universal broadband 10000 Service operation interruption in series routers (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-002228

DESCRIPTION

Cisco Universal Broadband (aka uBR) 10000 series routers, when an IPv4/IPv6 dual-stack modem is used, allow remote attackers to cause a denial of service (routing-engine reload) via unspecified changes to IP address assignments, aka Bug ID CSCue15313. The Cisco uBR 10000 Series is a router device from Cisco. A security vulnerability exists in the Cisco uBR 10000 that allows unauthenticated remote attackers to conduct denial of service attacks. By operating the IPv4 and IPv6 address assignments of a dual-stack modem connected to the affected device, an attacker in a neighboring network can reload the router engine in the device. Successful exploits will cause an affected device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCue15313. Successful exploitation of the vulnerability requires the program to use IPv4/IPv6 dual-track routers

Trust: 2.61

sources: NVD: CVE-2013-1189 // JVNDB: JVNDB-2013-002228 // CNVD: CNVD-2013-03012 // BID: 59035 // VULHUB: VHN-61191 // VULMON: CVE-2013-1189

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-03012

AFFECTED PRODUCTS

vendor:ciscomodel:ubr10012scope:eqversion: -

Trust: 1.6

vendor:ciscomodel:ubr10012 series universal broadband routerscope: - version: -

Trust: 0.8

vendor:ciscomodel:ubr seriesscope:eqversion:10000

Trust: 0.6

sources: CNVD: CNVD-2013-03012 // JVNDB: JVNDB-2013-002228 // CNNVD: CNNVD-201304-192 // NVD: CVE-2013-1189

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-1189
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-1189
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2013-03012
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201304-192
value: MEDIUM

Trust: 0.6

VULHUB: VHN-61191
value: MEDIUM

Trust: 0.1

VULMON: CVE-2013-1189
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-1189
severity: MEDIUM
baseScore: 5.7
vectorString: AV:A/AC:M/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 5.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2013-03012
severity: MEDIUM
baseScore: 5.7
vectorString: AV:A/AC:M/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 5.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-61191
severity: MEDIUM
baseScore: 5.7
vectorString: AV:A/AC:M/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 5.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2013-03012 // VULHUB: VHN-61191 // VULMON: CVE-2013-1189 // JVNDB: JVNDB-2013-002228 // CNNVD: CNNVD-201304-192 // NVD: CVE-2013-1189

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-61191 // JVNDB: JVNDB-2013-002228 // NVD: CVE-2013-1189

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201304-192

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201304-192

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-002228

PATCH
title:Cisco AnyConnect ciscod.exe Heap Overflow Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1189
Trust: 0.8
title:28927url:http://tools.cisco.com/security/center/viewAlert.x?alertId=28927
Trust: 0.8
title:Cisco uBR 10000 Series IPv4 / IPv6 Address Assignment Operation Denial of Service Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/33257
Trust: 0.6
title:Cisco: Cisco uBR10000 Series IPv4/IPv6 Dual Stack Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=Cisco-SA-20130411-CVE-2013-1189
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2013-03012 // 
            
            
            
            VULMON: CVE-2013-1189 // 
            
            
            
            JVNDB: JVNDB-2013-002228

EXTERNAL IDS
db:NVDid:CVE-2013-1189
Trust: 3.5
db:JVNDBid:JVNDB-2013-002228
Trust: 0.8
db:CNNVDid:CNNVD-201304-192
Trust: 0.7
db:CNVDid:CNVD-2013-03012
Trust: 0.6
db:CISCOid:20130410 CISCO UBR10000 SERIES IPV4/IPV6 DUAL STACK VULNERABILITY
Trust: 0.6
db:BIDid:59035
Trust: 0.4
db:VULHUBid:VHN-61191
Trust: 0.1
db:VULMONid:CVE-2013-1189
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2013-03012 // 
            
            
            
            VULHUB: VHN-61191 // 
            
            
            
            VULMON: CVE-2013-1189 // 
            
            
            
            BID: 59035 // 
            
            
            
            JVNDB: JVNDB-2013-002228 // 
            
            
            
            CNNVD: CNNVD-201304-192 // 
            
            
            
            NVD: CVE-2013-1189

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-1189
Trust: 2.4
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1189
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1189
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/20.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130411-cve-2013-1189
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2013-03012 // 
            
            
            
            VULHUB: VHN-61191 // 
            
            
            
            VULMON: CVE-2013-1189 // 
            
            
            
            BID: 59035 // 
            
            
            
            JVNDB: JVNDB-2013-002228 // 
            
            
            
            CNNVD: CNNVD-201304-192 // 
            
            
            
            NVD: CVE-2013-1189

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 59035

SOURCES
db:CNVDid:CNVD-2013-03012
db:VULHUBid:VHN-61191
db:VULMONid:CVE-2013-1189
db:BIDid:59035
db:JVNDBid:JVNDB-2013-002228
db:CNNVDid:CNNVD-201304-192
db:NVDid:CVE-2013-1189

LAST UPDATE DATE
2025-04-11T23:07:17.272000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2013-03012date:2013-05-27T00:00:00
db:VULHUBid:VHN-61191date:2013-04-11T00:00:00
db:VULMONid:CVE-2013-1189date:2013-04-11T00:00:00
db:BIDid:59035date:2013-04-12T11:08:00
db:JVNDBid:JVNDB-2013-002228date:2013-04-15T00:00:00
db:CNNVDid:CNNVD-201304-192date:2013-04-12T00:00:00
db:NVDid:CVE-2013-1189date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:CNVDid:CNVD-2013-03012date:2013-04-15T00:00:00
db:VULHUBid:VHN-61191date:2013-04-11T00:00:00
db:VULMONid:CVE-2013-1189date:2013-04-11T00:00:00
db:BIDid:59035date:2013-04-10T00:00:00
db:JVNDBid:JVNDB-2013-002228date:2013-04-15T00:00:00
db:CNNVDid:CNNVD-201304-192date:2013-04-12T00:00:00
db:NVDid:CVE-2013-1189date:2013-04-11T10:55:02.123