CVE-2013-5546

Cisco IOS XE 3.7-3.8 - Denial of Service via TCP Reassembly in NAT or ALG Component

Title source: llm
STIX 2.1

Description

The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via large TCP packets that are processed by the (1) NAT or (2) ALG component, aka Bug ID CSCud72509.

References (1)

Core 1
Core References

Scores

EPSS 0.0189
EPSS Percentile 77.1%

Details

CWE
CWE-20
Status published
Products (10)
cisco/asr_1001
cisco/asr_1002
cisco/asr_1002-x
cisco/asr_1004
cisco/asr_1006
cisco/asr_1023_router
cisco/ios_xe 3.7.0s
cisco/ios_xe 3.7.1s
cisco/ios_xe 3.7.2s
cisco/ios_xe 3.8.0s
Published Oct 31, 2013
Tracked Since Feb 18, 2026