CVE-2013-1144 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco IOS

CWE-399CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
7.8HIGHNVD
EPSS
1.0%
top 23.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedMar 28
Latest updateMay 17

Description

Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

â–¶NVDcisco/ios15.1

🔴Vulnerability Details

2
GHSA
GHSA-5vgh-45x2-wx9w: Memory leak in the IKEv1 implementation in Cisco IOS 15↗2022-05-17
â–¶
CVEList
CVE-2013-1144: Memory leak in the IKEv1 implementation in Cisco IOS 15↗2013-03-28
â–¶

📋Vendor Advisories

1
Cisco
Cisco IOS Software Internet Key Exchange Vulnerability↗2013-03-27
â–¶
CVE-2013-1144 — Cisco IOS vulnerability | cvebase