Details of VAR-201309-0444

ID

VAR-201309-0444

CVE

CVE-2013-5476

TITLE

Cisco IOS Service disruption in modern zone-based policy firewalls (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-004341

DESCRIPTION

The Zone-Based Firewall (ZFW) feature in Cisco IOS 15.1 through 15.2, when content filtering or HTTP ALG inspection is enabled, allows remote attackers to cause a denial of service (device reload or hang) via crafted IPv4 HTTP traffic, aka Bug ID CSCtx56174. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. A security vulnerability exists in the Cisco IOS domain-based firewall component that allows unauthenticated remote attackers to suspend or reload affected devices. If the device is configured with content filtering or HTTP application layer gateway detection, the attacker sends a specific HTTP packet to the affected device to trigger the vulnerability. The vulnerability can be successfully used to suspend the device or Overloading, causing a denial of service attack. The following devices are affected by this vulnerability: Cisco IOS 15.1 GC 15.1(4)GC, 15.1(4)GC1 | 15.1M 15.1(4)M2, 15.1(4)M3, 15.1(4)M3a, 15.1(4)M4, 15.1( 4) M5 | 15.1XB 15.1(4)XB6, 15.1(4)XB7, 15.1(4)XB8a | 15.2GC 15.2(1)GC, 15.2(1)GC1, 15.2(1)GC2, 15.2(2)GC, 15.2(3)GC, 15.2(3)GC1 | 15.2GCA 15.2(3)GCA | 15.2T 15.2(1)T, 15.2(1)T1, 15.2(1)T2, 15.2(1)T3, 15.2(1) T3a, 15.2(2)T, 15.2(2)T1, 15.2(2)T2, 15.2(2)T3, 15.2(2)T4, 15.2(3)T, 15.2(3)T1, 15.2(3)T2, 15.2(3)T3 | 15.2XA 15.2(3)XA. Cisco IOS is prone to a remote denial-of-service vulnerability. Exploiting this issue may allow remote attackers to trigger denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCtx56174

Trust: 2.52

sources: NVD: CVE-2013-5476 // JVNDB: JVNDB-2013-004341 // CNVD: CNVD-2013-13331 // BID: 62642 // VULHUB: VHN-65478

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2013-13331

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	15.2	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.1	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.1 to 15.2	Trust: 0.8
vendor:	cisco	model:	ios	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 15.2t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2gc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2 t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2 t1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2 t2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2 gc2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1m	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1gc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1 m4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1 m3a	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1 m3	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1 m2	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2013-13331 // BID: 62642 // JVNDB: JVNDB-2013-004341 // CNNVD: CNNVD-201309-483 // NVD: CVE-2013-5476

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-5476
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-5476
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2013-13331
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201309-483
value:	HIGH
Trust: 0.6
VULHUB:	VHN-65478
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-5476
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2013-13331
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-65478
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2013-13331 // VULHUB: VHN-65478 // JVNDB: JVNDB-2013-004341 // CNNVD: CNNVD-201309-483 // NVD: CVE-2013-5476

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-65478 // JVNDB: JVNDB-2013-004341 // NVD: CVE-2013-5476

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201309-483

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201309-483

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-004341

PATCH

title:	cisco-sa-20130925-cce	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-cce	Trust: 0.8
title:	30699	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=30699	Trust: 0.8
title:	cisco-sa-20130925-cce	url:	http://www.cisco.com/cisco/web/support/JP/111/1119/1119883_cisco-sa-20130925-cce-j.html	Trust: 0.8
title:	Patch for Cisco IOS Domain Firewall and Content Filtering Remote Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/39847	Trust: 0.6

sources: CNVD: CNVD-2013-13331 // JVNDB: JVNDB-2013-004341

EXTERNAL IDS

db:	NVD	id:	CVE-2013-5476	Trust: 3.4
db:	BID	id:	62642	Trust: 1.6
db:	JVNDB	id:	JVNDB-2013-004341	Trust: 0.8
db:	CNNVD	id:	CNNVD-201309-483	Trust: 0.7
db:	CNVD	id:	CNVD-2013-13331	Trust: 0.6
db:	CISCO	id:	20130925 CISCO IOS SOFTWARE ZONE-BASED FIREWALL AND CONTENT FILTERING VULNERABILITY	Trust: 0.6
db:	VULHUB	id:	VHN-65478	Trust: 0.1

sources: CNVD: CNVD-2013-13331 // VULHUB: VHN-65478 // BID: 62642 // JVNDB: JVNDB-2013-004341 // CNNVD: CNNVD-201309-483 // NVD: CVE-2013-5476

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130925-cce	Trust: 2.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5476	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5476	Trust: 0.8
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=30699	Trust: 0.6
url:	http://www.securityfocus.com/bid/62642	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3
url:	http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html	Trust: 0.3

sources: CNVD: CNVD-2013-13331 // VULHUB: VHN-65478 // BID: 62642 // JVNDB: JVNDB-2013-004341 // CNNVD: CNNVD-201309-483 // NVD: CVE-2013-5476

CREDITS

Cisco

Trust: 0.9

sources: BID: 62642 // CNNVD: CNNVD-201309-483

SOURCES

db:	CNVD	id:	CNVD-2013-13331
db:	VULHUB	id:	VHN-65478
db:	BID	id:	62642
db:	JVNDB	id:	JVNDB-2013-004341
db:	CNNVD	id:	CNNVD-201309-483
db:	NVD	id:	CVE-2013-5476

LAST UPDATE DATE

2025-04-11T22:55:55.712000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-13331	date:	2013-09-29T00:00:00
db:	VULHUB	id:	VHN-65478	date:	2013-10-07T00:00:00
db:	BID	id:	62642	date:	2015-03-19T09:32:00
db:	JVNDB	id:	JVNDB-2013-004341	date:	2013-09-30T00:00:00
db:	CNNVD	id:	CNNVD-201309-483	date:	2013-09-27T00:00:00
db:	NVD	id:	CVE-2013-5476	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2013-13331	date:	2013-09-27T00:00:00
db:	VULHUB	id:	VHN-65478	date:	2013-09-27T00:00:00
db:	BID	id:	62642	date:	2013-09-25T00:00:00
db:	JVNDB	id:	JVNDB-2013-004341	date:	2013-09-30T00:00:00
db:	CNNVD	id:	CNNVD-201309-483	date:	2013-09-27T00:00:00
db:	NVD	id:	CVE-2013-5476	date:	2013-09-27T10:08:04.257