FKIE_CVE-2013-3464
Vulnerability from fkie_nvd - Published: 2013-08-13 15:04 - Updated: 2026-06-16 23:55
Severity
Summary
Cisco IOS XR allows local users to cause a denial of service (Silicon Packet Processor memory corruption, improper mutex handling, and device reload) by starting an outbound flood of large ICMP Echo Request packets and stopping this with a CTRL-C sequence, aka Bug ID CSCui60347.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xr | 2.0\(.0\) | |
| cisco | ios_xr | 3.0\(.0\) | |
| cisco | ios_xr | 3.0\(.1\) | |
| cisco | ios_xr | 3.2\(.0\) | |
| cisco | ios_xr | 3.2\(.1\) | |
| cisco | ios_xr | 3.2\(.2\) | |
| cisco | ios_xr | 3.2\(.3\) | |
| cisco | ios_xr | 3.2\(.4\) | |
| cisco | ios_xr | 3.2\(.6\) | |
| cisco | ios_xr | 3.2\(.50\) | |
| cisco | ios_xr | 3.3\(.0\) | |
| cisco | ios_xr | 3.3\(.1\) | |
| cisco | ios_xr | 3.3\(.2\) | |
| cisco | ios_xr | 3.3\(.3\) | |
| cisco | ios_xr | 3.3\(.4\) | |
| cisco | ios_xr | 3.4\(.0\) | |
| cisco | ios_xr | 3.4\(.1\) | |
| cisco | ios_xr | 3.4\(.2\) | |
| cisco | ios_xr | 3.4\(.3\) | |
| cisco | ios_xr | 3.5\(.0\) | |
| cisco | ios_xr | 3.5\(.1\) | |
| cisco | ios_xr | 3.5\(.2\) | |
| cisco | ios_xr | 3.5\(.3\) | |
| cisco | ios_xr | 3.5\(.4\) | |
| cisco | ios_xr | 3.6\(.1\) | |
| cisco | ios_xr | 3.6\(.2\) | |
| cisco | ios_xr | 3.6\(.3\) | |
| cisco | ios_xr | 3.6_base | |
| cisco | ios_xr | 3.7\(.1\) | |
| cisco | ios_xr | 3.7\(.2\) | |
| cisco | ios_xr | 3.7\(.3\) | |
| cisco | ios_xr | 3.7_base | |
| cisco | ios_xr | 3.8\(.0\) | |
| cisco | ios_xr | 3.8\(.1\) | |
| cisco | ios_xr | 3.8\(.2\) | |
| cisco | ios_xr | 3.8\(.3\) | |
| cisco | ios_xr | 3.8\(.4\) | |
| cisco | ios_xr | 3.9\(.0\) | |
| cisco | ios_xr | 3.9\(.1\) | |
| cisco | ios_xr | 3.9\(.2\) | |
| cisco | ios_xr | 4.0\(.0\) | |
| cisco | ios_xr | 4.0\(.1\) | |
| cisco | ios_xr | 4.0\(.2\) | |
| cisco | ios_xr | 4.0\(.3\) | |
| cisco | ios_xr | 4.0\(.4\) | |
| cisco | ios_xr | 4.0\(.11\) | |
| cisco | ios_xr | 4.0_base | |
| cisco | ios_xr | 4.1\(.0\) | |
| cisco | ios_xr | 4.1\(.1\) | |
| cisco | ios_xr | 4.1\(.2\) | |
| cisco | ios_xr | 4.1_base | |
| cisco | ios_xr | 4.2\(.0\) | |
| cisco | ios_xr | 4.2\(.1\) | |
| cisco | ios_xr | 4.2\(.2\) | |
| cisco | ios_xr | 4.2\(.3\) | |
| cisco | ios_xr | 4.2\(.4\) | |
| cisco | ios_xr | 4.3\(.0\) |
{
"affected": [
{
"affectedData": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"source": "psirt@cisco.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:2.0\\(.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A2ECF2BB-792A-4404-A215-B1DB2EC351DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.0\\(.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F5BE827F-37D5-4AEA-A7A0-643BBC035F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.0\\(.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "34351F97-D5C7-446A-9AFE-43A0FC976D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.2\\(.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D35DC5F6-17E2-42A3-92D1-A6450869FDDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.2\\(.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF7DC75F-39DD-43D0-B95A-60F67E7D49B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.2\\(.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E687A336-DC4E-4219-B0F2-F4112DDF2EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.2\\(.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B61EDEF9-F29D-4486-ABD5-BF06DE577053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.2\\(.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0FF9A754-3EC3-4BC9-B70E-53BFDCAA98A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.2\\(.6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BADD5764-378D-4DA9-B19B-E913454CECD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.2\\(.50\\):*:*:*:*:*:*:*",
"matchCriteriaId": "75E061FA-2A57-4430-96E5-96C8DCF409E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.3\\(.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6CD6ECE7-9AA5-4153-8787-126A1D2E2402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.3\\(.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "51CD5770-F542-4B52-A6C1-2649DAF24133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.3\\(.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC79E535-4B75-4EC8-9BF8-7BC58DDDA240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.3\\(.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B1DE6FED-BA70-4EAD-8B3B-708DF124B0F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.3\\(.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AC6E1B7D-A751-40B7-AFFB-A32E1D16F1D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.4\\(.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8C703C75-167A-4CD3-98AF-13BAC15241CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.4\\(.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B87670F-099B-4EA2-837E-F4F97D62F81A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.4\\(.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "13FC1C0B-2B51-4AEE-BCD8-60E568254E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.4\\(.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8575FF94-D3CC-4AFE-940F-E570AEF009C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.5\\(.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EFAF16A6-79A5-4A38-9D71-8C05E1DDBC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.5\\(.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5988D97E-257C-4F44-923E-1B8F66107231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.5\\(.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A8859F6B-9D6C-4F00-B795-35097220BD9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.5\\(.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5739FA72-A93B-4404-A632-DBC722BE1C0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.5\\(.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "03C1EB1B-FDFC-434D-B7E5-BCE56A489F3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.6\\(.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA237DA2-D325-455B-BE27-33A3EB5F1153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.6\\(.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DE75809C-6DF7-4E55-B74A-2806D751F879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.6\\(.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4E7DC333-3A5E-4AE0-BBCC-D656C7B1248D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.6_base:*:*:*:*:*:*:*",
"matchCriteriaId": "37318A4A-B022-406F-9CC4-891D3D02C2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.7\\(.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D57DBF79-B665-422F-857E-169A6A836A4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.7\\(.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "569A99B8-6DEE-44B8-8EBA-E261B981DB2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.7\\(.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "79B092F8-E3BD-4C6A-9AE1-F673602DED83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.7_base:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACF4A41-1D8D-4FEA-B139-E6EE77AF2A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.8\\(.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7D5414B4-29A3-4231-860A-B9795589A2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.8\\(.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D8280975-E4CC-4A14-BF6E-9EB3755F046C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.8\\(.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ABE1E083-4B78-43B9-A569-529B3A210F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.8\\(.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D3085D6A-D343-405F-80A9-487D7EF66AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.8\\(.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E77C6388-CCCE-41F4-A33A-10DA2BC72A30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.9\\(.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "91E5AA67-081B-4B9E-86F1-548B037E0276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.9\\(.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E5172436-13E2-48AD-B532-A104725A1DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.9\\(.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76E308B5-5C8A-4CB4-AB0B-62D8C145C017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.0\\(.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5F3051BD-FC2C-483D-B867-83349B1413E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.0\\(.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "44AEDBFC-6823-4B59-91C1-A63A2857450C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.0\\(.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8D4D1182-92F0-4A27-8014-615CE7536390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.0\\(.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D10549A6-4315-4FD5-8800-7819ECA9BDEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.0\\(.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6E897239-B6AA-4DD9-A948-61B2A133ED41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.0\\(.11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E101F34E-BBBC-4D9A-A57D-71F02E75D6A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "59150CDC-27BE-4578-B1D6-AAAB2874E20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.1\\(.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5F878DD6-A5FF-41CF-A6F0-04730811B7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.1\\(.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46B3A04A-6BD8-454F-A174-F6DF74B3DDD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.1\\(.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7292B5A8-F25B-4B9F-ACA2-1F95D2A6245D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "5169C809-B809-4781-A632-F0814C7D7902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.2\\(.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DDBDFB6F-9B9A-4105-94C2-12A03348B5D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.2\\(.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8FB55D7D-62E1-4D3B-AEDE-667A64349967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.2\\(.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94A240AD-B5C8-4048-B17D-92D162863CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.2\\(.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DB2B601F-0227-443B-B204-53E06AF6BCFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.2\\(.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A1B97B75-8754-46C0-A9EE-4306109E9D22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:4.3\\(.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F1957C15-1A36-4F91-9CDB-8317FDFEFAF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco IOS XR allows local users to cause a denial of service (Silicon Packet Processor memory corruption, improper mutex handling, and device reload) by starting an outbound flood of large ICMP Echo Request packets and stopping this with a CTRL-C sequence, aka Bug ID CSCui60347."
},
{
"lang": "es",
"value": "Cisco IOS XR permite a usuarios locales provocar una denegaci\u00f3n de servicio (corrupci\u00f3n memoria en Silicon Packet Processor, manipulaci\u00f3n indebida mutex, y recarga del dispositivo) iniciando una inundaci\u00f3n a trav\u00e9s del env\u00edo de grandes paquetes con solicitudes eco ICMP y detenci\u00f3n de este env\u00edo con una secuencia CTRL-C, tambi\u00e9n conocido como Bug ID CSCui60347."
}
],
"id": "CVE-2013-3464",
"lastModified": "2026-06-16T23:55:14.023",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-13T15:04:14.017",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3464"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1028914"
},
{
"source": "psirt@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3464"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1028914"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86385"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…