Description
Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000
Scores
EPSS
0.0196
EPSS Percentile
78.0%
Details
CWE
CWE-20
Status
published
Products (23)
cisco/asr_1001
cisco/asr_1002
cisco/asr_1002-x
cisco/asr_1002_fixed_router
cisco/asr_1004
cisco/asr_1006
cisco/asr_1013
cisco/asr_1023_router
cisco/ios_xe
3.4.0as
cisco/ios_xe
3.4.0s
... and 13 more
Published
Apr 11, 2013
Tracked Since
Feb 18, 2026