Improper resource shutdown in Cisco IOS XE - CVE-2013-1146

Vulnerability identifier: #VU11758

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2013-1146

CWE-ID: CWE-404

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Cisco Systems, Inc

Affected software:
Cisco IOS XE

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to an unspecified flaw. A remote attacker can cause the service to crash.

Update to versions 15.2(1)E, 15.0(2)SE4, 15.0(2)SE2, 15.0(2)SE1, 15.0(2)EY2, 15.0(2)EY1, 15.0(2)EY, 15.0(2)EX1, 15.0(2)EX, 15.0(2)ED1, 15.0(2)ED, 12.2(55)SE7, 12.2(55)SE10, 16.1(0.14), 15.7(3.1.11D)OT, 15.4(0.23)T, 15.3(3)M1, 15.3(3)M0.4, 15.3(3)JNB1, 15.3(3)JNB, 15.3(3)JN4, 15.3(3)JA77, 15.3(3)JA3, 15.3(3)JA2, 15.3(3)JA1m, 15.3(3)JA10, 15.3(3)JA1, 15.3(2)T1, 15.3(2)T, 15.3(2.3.1)CG, 15.3(1)T2, 15.3(1)T1, 15.3(1)T0.1, 15.3(1.14)PI22, 15.3(1.13)T, 15.3(1.13.1)PIH21, 15.3(1.9)T, 15.2(6.3.0i)E, 15.2(5.0)ST, 15.2(4)XB11, 15.2(4)M5, 15.2(4)M4, 15.2(4)M3, 15.2(4)M2.5, 15.2(4)GC1, 15.2(4)GC, 15.2(4.0)ST, 15.2(4.0.64a)E, 15.2(3)T3, 15.2(3)T2.1, 15.2(3)GCA1, 15.2(3)GC1, 15.2(2)T4, 15.2(2)T3, 15.2(2)JB4, 15.2(1)T4, 15.2(1)T3.2, 15.2(1)EX0.116, 15.2(1.2.3)PI22, 15.2(1.1)EY, 15.2(1.0.1)IPI2, 15.1(4)M6, 15.1(4)M5.14, 15.1(4)GC1, 15.1(2)SY, 15.1(2)SGN1.64, 15.1(2)SG3.0.1, 15.1(2)SG1, 15.1(2)SG1.0.79, 15.1(1)SY5, 15.1(1)SY4.28, 15.1(1)SY1, 15.1(1)SY1.57, 15.1(1)SY1.55, 15.1(1)SY1.32, 15.1(1)SY0.1, 15.1(1.33)SID, 15.0(10.16)EMW, 15.0(9.4)EMW, 15.0(9.2)EMD, 15.0(9.0)PKD, 15.0(5.0)SG1, 15.0(5.0.26)SG, 15.0(2)SE3, 15.0(2)EZ, 15.0(2)EJ, 15.0(2)EB, 15.0(2)EA1, 15.0(2)EA, 15.0(1.20)EZD, 15.0(1.15)UCT or 3.2(0)SE.

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-smartinstall