CVE-2013-5474 โ€” Race Condition in Cisco IOS

CWE-362 โ€” Race Condition4 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.3%
top 43.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedSep 27
Latest updateMay 17

Description

Race condition in the IPv6 virtual fragmentation reassembly (VFR) implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.3 allows remote attackers to cause a denial of service (device reload or hang) via fragmented IPv6 packets, aka Bug ID CSCud64812.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

โ–ถNVDcisco/ios7 versions+6

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-pj68-37fj-g5m7: Race condition in the IPv6 virtual fragmentation reassembly (VFR) implementation in Cisco IOS 12โ†—2022-05-17
โ–ถ
CVEList
CVE-2013-5474: Race condition in the IPv6 virtual fragmentation reassembly (VFR) implementation in Cisco IOS 12โ†—2013-09-27
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Cisco
Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerabilityโ†—2013-09-25
โ–ถ
CVE-2013-5474 โ€” Race Condition in Cisco IOS | cvebase