CVE-2013-1100 - Vulnerability Details

Description

The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port (1) 80 or (2) 443, aka Bug ID CSCuc53853.

Published: 2013-02-13

Score: 5.4 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:cisco:ios:-:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:catalyst_2820::::::::
	cpe:2.3:h:cisco:catalyst_2820:9.0_0.07:::::::*
	cpe:2.3:h:cisco:catalyst_2900::::::::
	cpe:2.3:h:cisco:catalyst_2900:lre_xl:::::::*
	cpe:2.3:h:cisco:catalyst_2900:xl:::::::*
	cpe:2.3:h:cisco:catalyst_2900_vlan::::::::
	cpe:2.3:h:cisco:catalyst_2900xl::::::::
	cpe:2.3:h:cisco:catalyst_2901::::::::
	cpe:2.3:h:cisco:catalyst_2902::::::::
	cpe:2.3:h:cisco:catalyst_2920::::::::
	cpe:2.3:h:cisco:catalyst_2926::::::::
	cpe:2.3:h:cisco:catalyst_2926f::::::::
	cpe:2.3:h:cisco:catalyst_2926gl::::::::
	cpe:2.3:h:cisco:catalyst_2926gs::::::::
	cpe:2.3:h:cisco:catalyst_2926t::::::::
	cpe:2.3:h:cisco:catalyst_2940::::::::
	cpe:2.3:h:cisco:catalyst_2948::::::::
	cpe:2.3:h:cisco:catalyst_2948-ge-tx::::::::
	cpe:2.3:h:cisco:catalyst_2948g::::::::
	cpe:2.3:h:cisco:catalyst_2948g-l3::::::::
	cpe:2.3:h:cisco:catalyst_2950::::::::
	cpe:2.3:h:cisco:catalyst_2950_lre::::::::
	cpe:2.3:h:cisco:catalyst_2955::::::::
	cpe:2.3:h:cisco:catalyst_2970::::::::
	cpe:2.3:h:cisco:catalyst_2980g::::::::
	cpe:2.3:h:cisco:catalyst_2980g-a::::::::
	cpe:2.3:h:cisco:catalyst_3000::::::::
	cpe:2.3:h:cisco:catalyst_3200::::::::
	cpe:2.3:h:cisco:catalyst_3500::::::::
	cpe:2.3:h:cisco:catalyst_3500_xl::::::::
	cpe:2.3:h:cisco:catalyst_3500xl::::::::
	cpe:2.3:h:cisco:catalyst_3550::::::::
	cpe:2.3:h:cisco:catalyst_3560::::::::
	cpe:2.3:h:cisco:catalyst_3560-e::::::::
	cpe:2.3:h:cisco:catalyst_3560-x::::::::
	cpe:2.3:h:cisco:catalyst_3750::::::::
	cpe:2.3:h:cisco:catalyst_3750-e::::::::
	cpe:2.3:h:cisco:catalyst_3750-x::::::::
	cpe:2.3:h:cisco:catalyst_3750_metro::::::::
	cpe:2.3:h:cisco:catalyst_3750g::::::::
	cpe:2.3:h:cisco:catalyst_3900::::::::
	cpe:2.3:h:cisco:catalyst_4000::::::::
	cpe:2.3:h:cisco:catalyst_4200::::::::
	cpe:2.3:h:cisco:catalyst_4224::::::::
	cpe:2.3:h:cisco:catalyst_4232::::::::
	cpe:2.3:h:cisco:catalyst_4232-13::::::::
	cpe:2.3:h:cisco:catalyst_4500::::::::
	cpe:2.3:h:cisco:catalyst_4503::::::::
	cpe:2.3:h:cisco:catalyst_4506::::::::
	cpe:2.3:h:cisco:catalyst_4507r::::::::
	cpe:2.3:h:cisco:catalyst_4510r::::::::
	cpe:2.3:h:cisco:catalyst_4840g::::::::
	cpe:2.3:h:cisco:catalyst_4908g-l3::::::::
	cpe:2.3:h:cisco:catalyst_4912g::::::::
	cpe:2.3:h:cisco:catalyst_4948::::::::
	cpe:2.3:h:cisco:catalyst_5000::::::::
	cpe:2.3:h:cisco:catalyst_5500::::::::
	cpe:2.3:h:cisco:catalyst_5505::::::::
	cpe:2.3:h:cisco:catalyst_5509::::::::
	cpe:2.3:h:cisco:catalyst_6000::::::::
	cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:2.2\(1a\):::::::*
	cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:3.1\(1a\):::::::*
	cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:2.2\(1a\):::::::*
	cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:3.1\(1a\):::::::*
cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:2.1\(2\):::::::*
cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:3.1\(1a\):::::::*
cpe:2.3:h:cisco:catalyst_6500::::::::
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:2.2\(1a\):::::::*
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:3.1\(1a\):::::::*
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:2.2\(1a\):::::::*
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:3.1\(1a\):::::::*
cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:2.1\(2\):::::::*
cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:3.1\(1a\):::::::*
cpe:2.3:h:cisco:catalyst_6503-e:-:::::::*
cpe:2.3:h:cisco:catalyst_6504-e:-:::::::*
cpe:2.3:h:cisco:catalyst_6506-e:-:::::::*
cpe:2.3:h:cisco:catalyst_6509-e:-:::::::*
cpe:2.3:h:cisco:catalyst_6509-neb-a:-:::::::*
cpe:2.3:h:cisco:catalyst_6509-v-e:-:::::::*
cpe:2.3:h:cisco:catalyst_6513:-:::::::*
cpe:2.3:h:cisco:catalyst_6513-e:-:::::::*
cpe:2.3:h:cisco:catalyst_6608::::::::
cpe:2.3:h:cisco:catalyst_6624::::::::
cpe:2.3:h:cisco:catalyst_7600::::::::
cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:2.2\(1a\):::::::*
cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:3.1\(1a\):::::::*
cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:2.2\(1a\):::::::*
cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:3.1\(1a\):::::::*
cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:2.1\(2\):::::::*
cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:3.1\(1a\):::::::*
cpe:2.3:h:cisco:catalyst_8500::::::::
cpe:2.3:h:cisco:catalyst_8510csr::::::::
cpe:2.3:h:cisco:catalyst_8510msr::::::::
cpe:2.3:h:cisco:catalyst_8540csr::::::::
cpe:2.3:h:cisco:catalyst_8540msr::::::::
cpe:2.3:h:cisco:catalyst_ws-c2924-xl::::::::

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2013-1140	The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port (1) 80 or (2) 443, aka Bug ID CSCuc53853.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00633.

Key SSVC decision points have not yet been added.

References

Link	Providers
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1100

History

No history.

Subscriptions

Cisco Catalyst 2820 Catalyst 2900 Catalyst 2900 Vlan Catalyst 2900xl Catalyst 2901 Catalyst 2902 Catalyst 2920 Catalyst 2926 Catalyst 2926f Catalyst 2926gl Catalyst 2926gs Catalyst 2926t Catalyst 2940 Catalyst 2948 Catalyst 2948-ge-tx Catalyst 2948g Catalyst 2948g-l3 Catalyst 2950 Catalyst 2950 Lre Catalyst 2955 Catalyst 2970 Catalyst 2980g Catalyst 2980g-a Catalyst 3000 Catalyst 3200 Catalyst 3500 Catalyst 3500 Xl Catalyst 3500xl Catalyst 3550 Catalyst 3560 Catalyst 3560-e Catalyst 3560-x Catalyst 3750 Catalyst 3750-e Catalyst 3750-x Catalyst 3750 Metro Catalyst 3750g Catalyst 3900 Catalyst 4000 Catalyst 4200 Catalyst 4224 Catalyst 4232 Catalyst 4232-13 Catalyst 4500 Catalyst 4503 Catalyst 4506 Catalyst 4507r Catalyst 4510r Catalyst 4840g Catalyst 4908g-l3 Catalyst 4912g Catalyst 4948 Catalyst 5000 Catalyst 5500 Catalyst 5505 Catalyst 5509 Catalyst 6000 Catalyst 6000 Ws-svc-nam-1 Catalyst 6000 Ws-svc-nam-2 Catalyst 6000 Ws-x6380-nam Catalyst 6500 Catalyst 6500 Ws-svc-nam-1 Catalyst 6500 Ws-svc-nam-2 Catalyst 6500 Ws-x6380-nam Catalyst 6503-e Catalyst 6504-e Catalyst 6506-e Catalyst 6509-e Catalyst 6509-neb-a Catalyst 6509-v-e Catalyst 6513 Catalyst 6513-e Catalyst 6608 Catalyst 6624 Catalyst 7600 Catalyst 7600 Ws-svc-nam-1 Catalyst 7600 Ws-svc-nam-2 Catalyst 7600 Ws-x6380-nam Catalyst 8500 Catalyst 8510csr Catalyst 8510msr Catalyst 8540csr Catalyst 8540msr Catalyst Ws-c2924-xl Ios

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2013-02-13T23:00:00.000Z

Updated: 2024-09-16T18:14:13.971Z

Reserved: 2013-01-11T00:00:00.000Z

Link: CVE-2013-1100

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2013-02-13T23:55:01.117

Modified: 2025-04-11T00:51:21.963

Link: CVE-2013-1100

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-399

Tracking

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object