CVE-2013-1112 — Improper Input Validation in Cisco Carrier Routing System

CWE-20 — Improper Input Validation CWE-3994 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

0.5%

top 32.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Carrier Routing System

Timeline

PublishedJan 31

Latest updateMay 17

Description

Cisco Carrier Routing System (CRS) allows remote attackers to cause a denial of service (packet loss) via short malformed packets that trigger inefficient processing, aka Bug ID CSCud79136.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/carrier_routing_system38 versions+37

🔴Vulnerability Details

GHSA

GHSA-6v3r-7qpf-rp4x: Cisco Carrier Routing System (CRS) allows remote attackers to cause a denial of service (packet loss) via short malformed packets that trigger ineffic↗2022-05-17

▶

CVEList

CVE-2013-1112: Cisco Carrier Routing System (CRS) allows remote attackers to cause a denial of service (packet loss) via short malformed packets that trigger ineffic↗2013-01-31

▶

📋Vendor Advisories

Cisco

Cisco Carrier Routing System Small Packets Denial of Service Vulnerability↗2013-01-28

▶