CVE-2013-1166
Cisco IOS XE 3.2-3.4 < 3.4.5S and 3.5-3.7 < 3.7.1S - Denial of Service via SIP Packet Flood
Title source: llmDescription
Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR), when VRF-aware NAT and SIP ALG are enabled, allows remote attackers to cause a denial of service (card reload) by sending many SIP packets, aka Bug ID CSCuc65609.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000
Scores
EPSS
0.0189
EPSS Percentile
77.1%
Details
CWE
CWE-20
Status
published
Products (20)
cisco/asr_1001
cisco/asr_1002
cisco/asr_1002-x
cisco/asr_1002_fixed_router
cisco/asr_1004
cisco/asr_1006
cisco/asr_1023_router
cisco/ios_xe
3.2.0s
cisco/ios_xe
3.2.1s
cisco/ios_xe
3.2.2s
... and 10 more
Published
Apr 11, 2013
Tracked Since
Feb 18, 2026