CVE-2013-5545

EUVD-2013-5385
The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 61%
Affected Products (NVD)
VendorProductVersion
ciscoios_xe
3.9.0s:s
ciscoios_xe
3.9.1s:s
ciscoasr_1001
-
ciscoasr_1002
-
ciscoasr_1002-x
-
ciscoasr_1004
-
ciscoasr_1006
-
ciscoasr_1023_router
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000