What is the severity of CVE-2013-5474?

CVE-2013-5474 is classified as a high severity vulnerability due to its potential to cause denial of service.

How do I fix CVE-2013-5474?

To fix CVE-2013-5474, upgrade to a version of Cisco IOS that avoids this vulnerability, specifically versions later than 12.4 and 15.3.

What impact does CVE-2013-5474 have on affected devices?

CVE-2013-5474 can lead to denial of service on affected devices, causing them to reload or hang under certain conditions.

Which Cisco IOS versions are affected by CVE-2013-5474?

CVE-2013-5474 affects Cisco IOS versions 12.2 through 12.4 and 15.0 through 15.3.

Can CVE-2013-5474 be exploited by remote attackers?

Yes, CVE-2013-5474 can be exploited by remote attackers using fragmented IPv6 packets.

Vulnerability/
CVE-2013-5474

high

7.8

CWE

362

27/9/2013

3/10/2022

6/8/2024

CVE-2013-5474: Race Condition

First published: Fri Sep 27 2013(Updated: )

Race condition in the IPv6 virtual fragmentation reassembly (VFR) implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.3 allows remote attackers to cause a denial of service (device reload or hang) via fragmented IPv6 packets, aka Bug ID CSCud64812.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Puppet Cisco IOS	=12.2
Puppet Cisco IOS	=12.3
Puppet Cisco IOS	=12.4
Puppet Cisco IOS	=15.0
Puppet Cisco IOS	=15.1
Puppet Cisco IOS	=15.2
Puppet Cisco IOS	=15.3

Never miss a vulnerability like this again

Reference Links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ipv6vfr

Frequently Asked Questions

What is the severity of CVE-2013-5474?
CVE-2013-5474 is classified as a high severity vulnerability due to its potential to cause denial of service.
How do I fix CVE-2013-5474?
To fix CVE-2013-5474, upgrade to a version of Cisco IOS that avoids this vulnerability, specifically versions later than 12.4 and 15.3.
What impact does CVE-2013-5474 have on affected devices?
CVE-2013-5474 can lead to denial of service on affected devices, causing them to reload or hang under certain conditions.
Which Cisco IOS versions are affected by CVE-2013-5474?
CVE-2013-5474 affects Cisco IOS versions 12.2 through 12.4 and 15.0 through 15.3.
Can CVE-2013-5474 be exploited by remote attackers?
Yes, CVE-2013-5474 can be exploited by remote attackers using fragmented IPv6 packets.

agent/type
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/severity
agent/references
agent/author
agent/last-modified-date
agent/event
agent/description
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco ios
version/cisco ios/12.2
version/cisco ios/12.3
version/cisco ios/12.4
version/cisco ios/15.0
version/cisco ios/15.1
version/cisco ios/15.2
version/cisco ios/15.3

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.