Denial of Service in Cisco IOS XE on 1000 Series Aggregation Services Routers
CVE-2013-2779

Currently unrated

Key Information:

Vendor: Cisco
Status: Ios Xe; Asr 1001; Asr 1002; Asr 1002-x
Vendor: CVE Published:; 11 April 2013

Summary

The vulnerability in Cisco IOS XE affects 1000 Series Aggregation Services Routers (ASR) and relates to an improper implementation of the Multicast Leaf Recycle Elimination (MLRE) feature. This flaw enables remote attackers to launch a denial of service attack by sending specially crafted fragmented IPv6 MVPN packets to the router, leading to a card reload. This could significantly impact network availability and reliability. Affected software versions include 3.4 prior to 3.4.5S and 3.5 through 3.7 prior to 3.7.1S.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 11, 2013