NVD

Id
40758  
Name
CVE-2013-5469  
Description
The TCP implementation in Cisco IOS does not properly implement the transitions from the ESTABLISHED state to the CLOSED state, which allows remote attackers to cause a denial of service (flood of ACK packets) via a crafted series of ACK and FIN packets, aka Bug ID CSCtz14399.  
Reject
 
CVSS Version
2  
CVSS Score
7.1  
Severity
High  
CVSS Base Score
7.1  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:N/A:C)  
Pub Date
2017-01-18  
Published
2013-08-30  
Modified Date
2013-09-11  
Seq
2013-5469  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
206209 40758 CVE-2013-5469 20130830 Cisco IOS Software TCP ACK Storm Vulnerability  View
206210 40758 CVE-2013-5469 62083  View
206211 40758 CVE-2013-5469 1028969  View
206212 40758 CVE-2013-5469 cisco-ios-cve20135469-dos(86794)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
22373 JVNDB-2013-003948 Cisco IOS の TCP の実装におけるサービス運用妨害 (DoS) の脆弱性 Cisco IOS の TCP の実装は、ESTABLISHED 状態から CLOSED 状態への遷移を適切に実装していないため、サービス運用妨害 (ACK パケットフラッド) 状態にされる脆弱性が存在します。 CVE-2013-5469 65411 CVE-2013-5469 40758 7.1 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-003948.html 2013-09-03 2013-09-04 View