Vulnerability Details : CVE-2013-1100
The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port (1) 80 or (2) 443, aka Bug ID CSCuc53853.
Vulnerability category: Denial of service
Products affected by CVE-2013-1100
- cpe:2.3:o:cisco:ios:-:*:*:*:*:*:*:*When used together with: Cisco » Catalyst 2820When used together with: Cisco » Catalyst 2900When used together with: Cisco » Catalyst 2900 VlanWhen used together with: Cisco » Catalyst 2900xlWhen used together with: Cisco » Catalyst 2901When used together with: Cisco » Catalyst 2902When used together with: Cisco » Catalyst 2920When used together with: Cisco » Catalyst 2926When used together with: Cisco » Catalyst 2926fWhen used together with: Cisco » Catalyst 2926glWhen used together with: Cisco » Catalyst 2926gsWhen used together with: Cisco » Catalyst 2926tWhen used together with: Cisco » Catalyst 2940When used together with: Cisco » Catalyst 2948When used together with: Cisco » Catalyst 2948-ge-txWhen used together with: Cisco » Catalyst 2948gWhen used together with: Cisco » Catalyst 2948g-l3When used together with: Cisco » Catalyst 2950When used together with: Cisco » Catalyst 2950 LreWhen used together with: Cisco » Catalyst 2955When used together with: Cisco » Catalyst 2970When used together with: Cisco » Catalyst 2980gWhen used together with: Cisco » Catalyst 2980g-aWhen used together with: Cisco » Catalyst 3000When used together with: Cisco » Catalyst 3200When used together with: Cisco » Catalyst 3500When used together with: Cisco » Catalyst 3500 XlWhen used together with: Cisco » Catalyst 3500xlWhen used together with: Cisco » Catalyst 3550When used together with: Cisco » Catalyst 3560When used together with: Cisco » Catalyst 3560-eWhen used together with: Cisco » Catalyst 3560-xWhen used together with: Cisco » Catalyst 3750When used together with: Cisco » Catalyst 3750-eWhen used together with: Cisco » Catalyst 3750-xWhen used together with: Cisco » Catalyst 3750 MetroWhen used together with: Cisco » Catalyst 3750gWhen used together with: Cisco » Catalyst 3900When used together with: Cisco » Catalyst 4000When used together with: Cisco » Catalyst 4200When used together with: Cisco » Catalyst 4224When used together with: Cisco » Catalyst 4232When used together with: Cisco » Catalyst 4232-13When used together with: Cisco » Catalyst 4500When used together with: Cisco » Catalyst 4503When used together with: Cisco » Catalyst 4506When used together with: Cisco » Catalyst 4507rWhen used together with: Cisco » Catalyst 4510rWhen used together with: Cisco » Catalyst 4840gWhen used together with: Cisco » Catalyst 4908g-l3When used together with: Cisco » Catalyst 4912gWhen used together with: Cisco » Catalyst 4948When used together with: Cisco » Catalyst 5000When used together with: Cisco » Catalyst 5500When used together with: Cisco » Catalyst 5505When used together with: Cisco » Catalyst 5509When used together with: Cisco » Catalyst 6000When used together with: Cisco » Catalyst 6500When used together with: Cisco » Catalyst 6608When used together with: Cisco » Catalyst 6624When used together with: Cisco » Catalyst 7600When used together with: Cisco » Catalyst 8500When used together with: Cisco » Catalyst 8510csrWhen used together with: Cisco » Catalyst 8510msrWhen used together with: Cisco » Catalyst 8540csrWhen used together with: Cisco » Catalyst 8540msrWhen used together with: Cisco » Catalyst Ws-c2924-xl
Exploit prediction scoring system (EPSS) score for CVE-2013-1100
0.18%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 56 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-1100
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.4
|
MEDIUM | AV:N/AC:H/Au:N/C:N/I:N/A:C |
4.9
|
6.9
|
NIST |
CWE ids for CVE-2013-1100
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-1100
-
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1100
Cisco IOS Software HTTP Server Denial of Service Vulnerability
Jump to