Details of VAR-201311-0240

ID

VAR-201311-0240

CVE

CVE-2013-6686

TITLE

Cisco IOS SSL VPN Interface Remote Denial of Service Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2013-14518 // CNNVD: CNNVD-201311-227

DESCRIPTION

The SSL VPN implementation in Cisco IOS 15.3(1)T2 and earlier allows remote authenticated users to cause a denial of service (interface queue wedge) via crafted DTLS packets in an SSL session, aka Bug IDs CSCuh97409 and CSCud90568. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. A remote denial of service vulnerability exists in Cisco IOS. Exploiting this vulnerability could allow a remote attacker to trigger a denial of service. This issue is being tracked by Cisco Bug IDs CSCuh97409 and CSCud90568. The vulnerability is caused by the program not properly handling DTLS packets

Trust: 2.52

sources: NVD: CVE-2013-6686 // JVNDB: JVNDB-2013-005149 // CNVD: CNVD-2013-14518 // BID: 63699 // VULHUB: VHN-66688

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2013-14518

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	15.2	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.0	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(1\)se	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.1	Trust: 1.6
vendor:	cisco	model:	ios	scope:	lte	version:	15.3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	lte	version:	15.3(1)t2	Trust: 0.8
vendor:	cisco	model:	ios	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 15.1 t3	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 15.1 t2	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios 15.1 t	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.3	Trust: 0.6
vendor:	cisco	model:	ios 15.2t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2gc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2 t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2 t1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2 t2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2 gc2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1gc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1 t1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1 t4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1 t2a	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1 gc2	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2013-14518 // BID: 63699 // JVNDB: JVNDB-2013-005149 // CNNVD: CNNVD-201311-227 // NVD: CVE-2013-6686

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-6686
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2013-6686
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2013-14518
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201311-227
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-66688
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2013-6686
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2013-14518
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-66688
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2013-14518 // VULHUB: VHN-66688 // JVNDB: JVNDB-2013-005149 // CNNVD: CNNVD-201311-227 // NVD: CVE-2013-6686

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-66688 // JVNDB: JVNDB-2013-005149 // NVD: CVE-2013-6686

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201311-227

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201311-227

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-005149

PATCH

title:	Cisco IOS Software SSL VPN Interface Queue Wedge Denial of Service Vulnerability	url:	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6686	Trust: 0.8
title:	31757	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=31757	Trust: 0.8
title:	Patch for Cisco IOS SSL VPN Interface Remote Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/41138	Trust: 0.6

sources: CNVD: CNVD-2013-14518 // JVNDB: JVNDB-2013-005149

EXTERNAL IDS

db:	NVD	id:	CVE-2013-6686	Trust: 3.4
db:	BID	id:	63699	Trust: 1.6
db:	JVNDB	id:	JVNDB-2013-005149	Trust: 0.8
db:	CNNVD	id:	CNNVD-201311-227	Trust: 0.7
db:	CNVD	id:	CNVD-2013-14518	Trust: 0.6
db:	CISCO	id:	20131113 CISCO IOS SOFTWARE SSL VPN INTERFACE QUEUE WEDGE DENIAL OF SERVICE VULNERABILITY	Trust: 0.6
db:	VULHUB	id:	VHN-66688	Trust: 0.1

sources: CNVD: CNVD-2013-14518 // VULHUB: VHN-66688 // BID: 63699 // JVNDB: JVNDB-2013-005149 // CNNVD: CNNVD-201311-227 // NVD: CVE-2013-6686

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-6686	Trust: 2.0
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=31757	Trust: 2.0
url:	http://www.securityfocus.com/bid/63699	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6686	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6686	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2013-14518 // VULHUB: VHN-66688 // BID: 63699 // JVNDB: JVNDB-2013-005149 // CNNVD: CNNVD-201311-227 // NVD: CVE-2013-6686

CREDITS

Cisco

Trust: 0.9

sources: BID: 63699 // CNNVD: CNNVD-201311-227

SOURCES

db:	CNVD	id:	CNVD-2013-14518
db:	VULHUB	id:	VHN-66688
db:	BID	id:	63699
db:	JVNDB	id:	JVNDB-2013-005149
db:	CNNVD	id:	CNNVD-201311-227
db:	NVD	id:	CVE-2013-6686

LAST UPDATE DATE

2025-04-11T23:20:33.980000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-14518	date:	2013-11-18T00:00:00
db:	VULHUB	id:	VHN-66688	date:	2013-11-19T00:00:00
db:	BID	id:	63699	date:	2015-03-19T08:45:00
db:	JVNDB	id:	JVNDB-2013-005149	date:	2013-11-20T00:00:00
db:	CNNVD	id:	CNNVD-201311-227	date:	2013-11-15T00:00:00
db:	NVD	id:	CVE-2013-6686	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2013-14518	date:	2013-11-18T00:00:00
db:	VULHUB	id:	VHN-66688	date:	2013-11-18T00:00:00
db:	BID	id:	63699	date:	2013-11-13T00:00:00
db:	JVNDB	id:	JVNDB-2013-005149	date:	2013-11-20T00:00:00
db:	CNNVD	id:	CNNVD-201311-227	date:	2013-11-15T00:00:00
db:	NVD	id:	CVE-2013-6686	date:	2013-11-18T03:55:06.070