CVE-2013-1241
First published: Wed May 08 2013(Updated: )
The ISM module in Cisco IOS on ISR G2 routers does not properly handle authentication-header packets, which allows remote authenticated users to cause a denial of service (module reload) via a series of malformed packets, aka Bug ID CSCub92025.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS | ||
| Cisco 1921 Integrated Services Router | ||
| Cisco 1941w Integrated Services Router | ||
| Cisco 1941w Integrated Services Router | ||
| Cisco 2901 Integrated Services Router | ||
| Cisco ISR (Integrated Services Router) | ||
| Cisco 2921 Integrated Services Router | ||
| Cisco 2951 Integrated Services Router | ||
| Cisco 3925 Integrated Services Router | ||
| Cisco 3925E Integrated Services Router | ||
| Cisco 3945 Integrated Services Router | ||
| Cisco 3945e Integrated Services Router | ||
| Cisco 861w Integrated Services Router | ||
| Cisco 867 Integrated Services Router | ||
| Cisco Integrated Services Routers Generation 2 (ISR G2) | ||
| Cisco 881-CUBE Integrated Services Router | ||
| Cisco 886 Integrated Services Router | ||
| Cisco c886vaj Integrated Services Router | ||
| Cisco 886va-w Integrated Services Router | ||
| Cisco 887 Integrated Services Router | ||
| Cisco 887v Integrated Services Router | ||
| Cisco c887va Integrated Services Router | ||
| Cisco 887va-cube Integrated Services Router | ||
| Cisco 888e-cube Integrated Services Router | ||
| Cisco 891-24x Integrated Services Router | ||
| Cisco 892 Integrated Services Router | ||
| Cisco 881 3G Integrated Services Router |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2013-1241?
CVE-2013-1241 is classified as a denial of service vulnerability.
How do I fix CVE-2013-1241?
To remediate CVE-2013-1241, update to a fixed version of Cisco IOS as provided in the Cisco security advisory.
What devices are affected by CVE-2013-1241?
CVE-2013-1241 affects various Cisco ISR G2 routers, including models like the 1921, 2901, and 3945.
Can CVE-2013-1241 be exploited remotely?
Yes, CVE-2013-1241 can be exploited by remote authenticated users.
What is the impact of exploiting CVE-2013-1241?
Exploiting CVE-2013-1241 can lead to a denial of service condition, resulting in module reload.
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco ios
- canonical/cisco 1921 integrated services router
- canonical/cisco 1941w integrated services router
- canonical/cisco 2901 integrated services router
- canonical/cisco isr (integrated services router)
- canonical/cisco 2921 integrated services router
- canonical/cisco 2951 integrated services router
- canonical/cisco 3925 integrated services router
- canonical/cisco 3925e integrated services router
- canonical/cisco 3945 integrated services router
- canonical/cisco 3945e integrated services router
- canonical/cisco 861w integrated services router
- canonical/cisco 867 integrated services router
- canonical/cisco integrated services routers generation 2 (isr g2)
- canonical/cisco 881-cube integrated services router
- canonical/cisco 886 integrated services router
- canonical/cisco c886vaj integrated services router
- canonical/cisco 886va-w integrated services router
- canonical/cisco 887 integrated services router
- canonical/cisco 887v integrated services router
- canonical/cisco c887va integrated services router
- canonical/cisco 887va-cube integrated services router
- canonical/cisco 888e-cube integrated services router
- canonical/cisco 891-24x integrated services router
- canonical/cisco 892 integrated services router
- canonical/cisco 881 3g integrated services router