VAR-201311-0294
Vulnerability from variot - Updated: 2025-04-11 23:04Multiple memory leaks in Cisco IOS 15.1 before 15.1(4)M7 allow remote attackers to cause a denial of service (memory consumption or device reload) by sending a crafted SIP message over (1) IPv4 or (2) IPv6, aka Bug IDs CSCuc42558 and CSCug25383. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. The vulnerability is due to improper handling of specially crafted SIP messages. Cisco IOS is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected system to reload, resulting in a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCuc42558. The following releases are affected: Cisco IOS 15.1(4)GC, 15.1(4)GC1, 15.1(4)M4, 15.1(4)M5, 15.1(4)M6
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0294",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "15.1"
},
{
"model": "ios 15.1 m4",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.1(4)gc"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.1(4)gc1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.1(4)m4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.1(4)m5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.1(4)m6"
},
{
"model": "ios 15.1 gc",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1 gc1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1 m5",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1 m6",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14350"
},
{
"db": "BID",
"id": "63553"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005050"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-097"
},
{
"db": "NVD",
"id": "CVE-2013-5553"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005050"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "63553"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-097"
}
],
"trust": 0.9
},
"cve": "CVE-2013-5553",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-5553",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-14350",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-65555",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-5553",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-5553",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2013-14350",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-097",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-65555",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14350"
},
{
"db": "VULHUB",
"id": "VHN-65555"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005050"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-097"
},
{
"db": "NVD",
"id": "CVE-2013-5553"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple memory leaks in Cisco IOS 15.1 before 15.1(4)M7 allow remote attackers to cause a denial of service (memory consumption or device reload) by sending a crafted SIP message over (1) IPv4 or (2) IPv6, aka Bug IDs CSCuc42558 and CSCug25383. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. The vulnerability is due to improper handling of specially crafted SIP messages. Cisco IOS is prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause an affected system to reload, resulting in a denial-of-service condition. \nThis issue is being tracked by Cisco Bug ID CSCuc42558. The following releases are affected: Cisco IOS 15.1(4)GC, 15.1(4)GC1, 15.1(4)M4, 15.1(4)M5, 15.1(4)M6",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5553"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005050"
},
{
"db": "CNVD",
"id": "CNVD-2013-14350"
},
{
"db": "BID",
"id": "63553"
},
{
"db": "VULHUB",
"id": "VHN-65555"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-5553",
"trust": 3.4
},
{
"db": "BID",
"id": "63553",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005050",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-097",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-14350",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "25242",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20131106 CISCO IOS SOFTWARE SESSION INITIATION PROTOCOL DENIAL OF SERVICE VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-65555",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14350"
},
{
"db": "VULHUB",
"id": "VHN-65555"
},
{
"db": "BID",
"id": "63553"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005050"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-097"
},
{
"db": "NVD",
"id": "CVE-2013-5553"
}
]
},
"id": "VAR-201311-0294",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14350"
},
{
"db": "VULHUB",
"id": "VHN-65555"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14350"
}
]
},
"last_update_date": "2025-04-11T23:04:03.734000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "31516",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=31516"
},
{
"title": "cisco-sa-20131106-sip",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-sip"
},
{
"title": "31562",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=31562"
},
{
"title": "cisco-sa-20131106-sip",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/112/1120/1120849_cisco-sa-20131106-sip-j.html"
},
{
"title": "Patch for Cisco IOS SIP Remote Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/40983"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14350"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005050"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65555"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005050"
},
{
"db": "NVD",
"id": "CVE-2013-5553"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20131106-sip"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5553"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5553"
},
{
"trust": 0.6,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=31562"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/63553"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/25242"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20131106-sip#@id"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14350"
},
{
"db": "VULHUB",
"id": "VHN-65555"
},
{
"db": "BID",
"id": "63553"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005050"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-097"
},
{
"db": "NVD",
"id": "CVE-2013-5553"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-14350"
},
{
"db": "VULHUB",
"id": "VHN-65555"
},
{
"db": "BID",
"id": "63553"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005050"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-097"
},
{
"db": "NVD",
"id": "CVE-2013-5553"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14350"
},
{
"date": "2013-11-08T00:00:00",
"db": "VULHUB",
"id": "VHN-65555"
},
{
"date": "2013-11-06T00:00:00",
"db": "BID",
"id": "63553"
},
{
"date": "2013-11-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005050"
},
{
"date": "2013-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-097"
},
{
"date": "2013-11-08T04:47:23.010000",
"db": "NVD",
"id": "CVE-2013-5553"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14350"
},
{
"date": "2013-11-08T00:00:00",
"db": "VULHUB",
"id": "VHN-65555"
},
{
"date": "2013-11-06T00:00:00",
"db": "BID",
"id": "63553"
},
{
"date": "2013-11-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005050"
},
{
"date": "2013-11-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-097"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2013-5553"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-097"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005050"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-097"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…