Sign-up

ID

VAR-201311-0232


CVE

CVE-2013-6694


TITLE

Cisco IOS IPSec MTU Remote Denial of Service Vulnerability

Trust: 0.9

sources: CNVD: CNVD-2013-14709 // BID: 63874

DESCRIPTION

The IPSec implementation in Cisco IOS allows remote attackers to cause a denial of service (MTU change and tunnel-session drop) via crafted ICMP packets, aka Bug ID CSCul29918. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. The vulnerability is caused by the failure to correctly process some ICMP packets. Cisco IOS is prone to a remote denial-of-service vulnerability. This issue is being tracked by Cisco Bug ID CSCul29918

Trust: 2.52

sources: NVD: CVE-2013-6694 // JVNDB: JVNDB-2013-005239 // CNVD: CNVD-2013-14709 // BID: 63874 // VULHUB: VHN-66696

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-14709

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:iosscope:lteversion:15.2(4)m

Trust: 0.8

vendor:ciscomodel:iosscope: - version: -

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:0

Trust: 0.3

sources: CNVD: CNVD-2013-14709 // BID: 63874 // JVNDB: JVNDB-2013-005239 // CNNVD: CNNVD-201311-365 // NVD: CVE-2013-6694

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-6694
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-6694
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2013-14709
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201311-365
value: MEDIUM

Trust: 0.6

VULHUB: VHN-66696
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-6694
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2013-14709
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-66696
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2013-14709 // VULHUB: VHN-66696 // JVNDB: JVNDB-2013-005239 // CNNVD: CNNVD-201311-365 // NVD: CVE-2013-6694

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-66696 // JVNDB: JVNDB-2013-005239 // NVD: CVE-2013-6694

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201311-365

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201311-365

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-005239

PATCH
title:Cisco IOS Software IPSec MTU Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6694
Trust: 0.8
title:31874url:http://tools.cisco.com/security/center/viewAlert.x?alertId=31874
Trust: 0.8
title:Patch for Cisco IOS IPSec MTU Remote Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/41313
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2013-14709 // 
            
            
            
            JVNDB: JVNDB-2013-005239

EXTERNAL IDS
db:NVDid:CVE-2013-6694
Trust: 3.4
db:BIDid:63874
Trust: 1.0
db:JVNDBid:JVNDB-2013-005239
Trust: 0.8
db:CNNVDid:CNNVD-201311-365
Trust: 0.7
db:CNVDid:CNVD-2013-14709
Trust: 0.6
db:CISCOid:20131122 CISCO IOS SOFTWARE IPSEC MTU VULNERABILITY
Trust: 0.6
db:VULHUBid:VHN-66696
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2013-14709 // 
            
            
            
            VULHUB: VHN-66696 // 
            
            
            
            BID: 63874 // 
            
            
            
            JVNDB: JVNDB-2013-005239 // 
            
            
            
            CNNVD: CNNVD-201311-365 // 
            
            
            
            NVD: CVE-2013-6694

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-6694
Trust: 2.3
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6694
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6694
Trust: 0.8
url:http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fetchbugdetails&bugid=cscul29918
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
url:http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2013-14709 // 
            
            
            
            VULHUB: VHN-66696 // 
            
            
            
            BID: 63874 // 
            
            
            
            JVNDB: JVNDB-2013-005239 // 
            
            
            
            CNNVD: CNNVD-201311-365 // 
            
            
            
            NVD: CVE-2013-6694

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 63874

SOURCES
db:CNVDid:CNVD-2013-14709
db:VULHUBid:VHN-66696
db:BIDid:63874
db:JVNDBid:JVNDB-2013-005239
db:CNNVDid:CNNVD-201311-365
db:NVDid:CVE-2013-6694

LAST UPDATE DATE
2025-04-11T23:18:52.996000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2013-14709date:2013-11-26T00:00:00
db:VULHUBid:VHN-66696date:2013-11-25T00:00:00
db:BIDid:63874date:2013-11-22T00:00:00
db:JVNDBid:JVNDB-2013-005239date:2013-11-27T00:00:00
db:CNNVDid:CNNVD-201311-365date:2013-11-29T00:00:00
db:NVDid:CVE-2013-6694date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:CNVDid:CNVD-2013-14709date:2013-11-26T00:00:00
db:VULHUBid:VHN-66696date:2013-11-22T00:00:00
db:BIDid:63874date:2013-11-22T00:00:00
db:JVNDBid:JVNDB-2013-005239date:2013-11-27T00:00:00
db:CNNVDid:CNNVD-201311-365date:2013-11-29T00:00:00
db:NVDid:CVE-2013-6694date:2013-11-22T19:55:09.890