Sign-up

ID

VAR-201311-0291


CVE

CVE-2013-5548


TITLE

Cisco IOS of IKEv2 Specific in the implementation of IPsec Vulnerability that avoids resending prevention function

Trust: 0.8

sources: JVNDB: JVNDB-2013-004968

DESCRIPTION

The IKEv2 implementation in Cisco IOS, when AES-GCM or AES-GMAC is used, allows remote attackers to bypass certain IPsec anti-replay features via IPsec tunnel traffic, aka Bug ID CSCuj47795. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. When the Phase 2 IPsec Security Associations (SAs) use the AES-GCM or AES-GMAC algorithm, the IPsec Phase 2 SA anti-replay feature is not properly logically encoded. An attacker exploited this vulnerability by sending an IPsec tunnel traversal request. Successfully exploiting this issue will allow an attacker to perform replay attacks. This may lead to other attacks

Trust: 2.52

sources: NVD: CVE-2013-5548 // JVNDB: JVNDB-2013-004968 // CNVD: CNVD-2013-14209 // BID: 63426 // VULHUB: VHN-65550

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-14209

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:iosscope:lteversion:15.3(3)m5

Trust: 0.8

vendor:ciscomodel:iosscope: - version: -

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:0

Trust: 0.3

sources: CNVD: CNVD-2013-14209 // BID: 63426 // JVNDB: JVNDB-2013-004968 // CNNVD: CNNVD-201310-750 // NVD: CVE-2013-5548

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-5548
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-5548
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2013-14209
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201310-750
value: MEDIUM

Trust: 0.6

VULHUB: VHN-65550
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-5548
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2013-14209
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-65550
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2013-14209 // VULHUB: VHN-65550 // JVNDB: JVNDB-2013-004968 // CNNVD: CNNVD-201310-750 // NVD: CVE-2013-5548

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-65550 // JVNDB: JVNDB-2013-004968 // NVD: CVE-2013-5548

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201310-750

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201310-750

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-004968

PATCH
title:Internet Key Exchange Version 2 Anti-replay Protection Disabled Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5548
Trust: 0.8
title:31547url:http://tools.cisco.com/security/center/viewAlert.x?alertId=31547
Trust: 0.8
title:Cisco IOS Internet Key Exchange Replay Security Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/40653
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2013-14209 // 
            
            
            
            JVNDB: JVNDB-2013-004968

EXTERNAL IDS
db:NVDid:CVE-2013-5548
Trust: 3.4
db:BIDid:63426
Trust: 1.6
db:JVNDBid:JVNDB-2013-004968
Trust: 0.8
db:CNNVDid:CNNVD-201310-750
Trust: 0.7
db:CNVDid:CNVD-2013-14209
Trust: 0.6
db:CISCOid:20131029 INTERNET KEY EXCHANGE VERSION 2 ANTI-REPLAY PROTECTION DISABLED VULNERABILITY
Trust: 0.6
db:NSFOCUSid:25159
Trust: 0.6
db:VULHUBid:VHN-65550
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2013-14209 // 
            
            
            
            VULHUB: VHN-65550 // 
            
            
            
            BID: 63426 // 
            
            
            
            JVNDB: JVNDB-2013-004968 // 
            
            
            
            CNNVD: CNNVD-201310-750 // 
            
            
            
            NVD: CVE-2013-5548

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-5548
Trust: 2.3
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5548
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5548
Trust: 0.8
url:http://www.securityfocus.com/bid/63426
Trust: 0.6
url:http://www.nsfocus.net/vulndb/25159
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
url:http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2013-14209 // 
            
            
            
            VULHUB: VHN-65550 // 
            
            
            
            BID: 63426 // 
            
            
            
            JVNDB: JVNDB-2013-004968 // 
            
            
            
            CNNVD: CNNVD-201310-750 // 
            
            
            
            NVD: CVE-2013-5548

CREDITS
Cisco
Trust: 0.9
sources:
            
            
            BID: 63426 // 
            
            
            
            CNNVD: CNNVD-201310-750

SOURCES
db:CNVDid:CNVD-2013-14209
db:VULHUBid:VHN-65550
db:BIDid:63426
db:JVNDBid:JVNDB-2013-004968
db:CNNVDid:CNNVD-201310-750
db:NVDid:CVE-2013-5548

LAST UPDATE DATE
2025-04-11T23:11:58.866000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2013-14209date:2013-11-04T00:00:00
db:VULHUBid:VHN-65550date:2013-11-21T00:00:00
db:BIDid:63426date:2013-11-01T00:52:00
db:JVNDBid:JVNDB-2013-004968date:2013-11-05T00:00:00
db:CNNVDid:CNNVD-201310-750date:2013-11-01T00:00:00
db:NVDid:CVE-2013-5548date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:CNVDid:CNVD-2013-14209date:2013-11-04T00:00:00
db:VULHUBid:VHN-65550date:2013-11-01T00:00:00
db:BIDid:63426date:2013-10-29T00:00:00
db:JVNDBid:JVNDB-2013-004968date:2013-11-05T00:00:00
db:CNNVDid:CNNVD-201310-750date:2013-10-29T00:00:00
db:NVDid:CVE-2013-5548date:2013-11-01T02:55:04.997