#VU11758 Improper resource shutdown in Cisco IOS XE - CVE-2013-1146

Vulnerability identifier: #VU11758

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2013-1146

CWE-ID: CWE-404

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Cisco IOS XE

Software vendor:
Cisco Systems, Inc

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to an unspecified flaw. A remote attacker can cause the service to crash.

Update to versions 15.2(1)E, 15.0(2)SE4, 15.0(2)SE2, 15.0(2)SE1, 15.0(2)EY2, 15.0(2)EY1, 15.0(2)EY, 15.0(2)EX1, 15.0(2)EX, 15.0(2)ED1, 15.0(2)ED, 12.2(55)SE7, 12.2(55)SE10, 16.1(0.14), 15.7(3.1.11D)OT, 15.4(0.23)T, 15.3(3)M1, 15.3(3)M0.4, 15.3(3)JNB1, 15.3(3)JNB, 15.3(3)JN4, 15.3(3)JA77, 15.3(3)JA3, 15.3(3)JA2, 15.3(3)JA1m, 15.3(3)JA10, 15.3(3)JA1, 15.3(2)T1, 15.3(2)T, 15.3(2.3.1)CG, 15.3(1)T2, 15.3(1)T1, 15.3(1)T0.1, 15.3(1.14)PI22, 15.3(1.13)T, 15.3(1.13.1)PIH21, 15.3(1.9)T, 15.2(6.3.0i)E, 15.2(5.0)ST, 15.2(4)XB11, 15.2(4)M5, 15.2(4)M4, 15.2(4)M3, 15.2(4)M2.5, 15.2(4)GC1, 15.2(4)GC, 15.2(4.0)ST, 15.2(4.0.64a)E, 15.2(3)T3, 15.2(3)T2.1, 15.2(3)GCA1, 15.2(3)GC1, 15.2(2)T4, 15.2(2)T3, 15.2(2)JB4, 15.2(1)T4, 15.2(1)T3.2, 15.2(1)EX0.116, 15.2(1.2.3)PI22, 15.2(1.1)EY, 15.2(1.0.1)IPI2, 15.1(4)M6, 15.1(4)M5.14, 15.1(4)GC1, 15.1(2)SY, 15.1(2)SGN1.64, 15.1(2)SG3.0.1, 15.1(2)SG1, 15.1(2)SG1.0.79, 15.1(1)SY5, 15.1(1)SY4.28, 15.1(1)SY1, 15.1(1)SY1.57, 15.1(1)SY1.55, 15.1(1)SY1.32, 15.1(1)SY0.1, 15.1(1.33)SID, 15.0(10.16)EMW, 15.0(9.4)EMW, 15.0(9.2)EMD, 15.0(9.0)PKD, 15.0(5.0)SG1, 15.0(5.0.26)SG, 15.0(2)SE3, 15.0(2)EZ, 15.0(2)EJ, 15.0(2)EB, 15.0(2)EA1, 15.0(2)EA, 15.0(1.20)EZD, 15.0(1.15)UCT or 3.2(0)SE.

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-smartinstall