Improper input validation in Cisco Asr_1001
CVE-2013-2779
Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.004 (62.7th percentile) — read the EPSS interpretation.
Affected products
- Cisco Asr_1001
- Cisco Asr_1002
- Cisco Asr_1002_fixed_router
- Cisco Asr_1002-x
- Cisco Asr_1004
- Cisco Asr_1006
- Cisco Asr_1013
- Cisco Asr_1023_router
- Cisco Ios_xe — versions 3.4.0as, 3.4.0s, 3.4.1s
- N/a — versions n/a
Weakness classification (CWE)
References
- 20130410 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers (x_refsource_CISCO, vendor-advisory, Vendor Advisory)