Vulnerabilities > Cisco > ASR 1023 Router

DATE CVE VULNERABILITY TITLE RISK
2013-04-11 CVE-2013-1167 Path Traversal vulnerability in Cisco products
Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers (ASR), when bridge domain interface (BDI) is enabled, allows remote attackers to cause a denial of service (card reload) via packets that are not properly handled during the processing of encapsulation, aka Bug ID CSCtt11558.
network
cisco CWE-22
7.1
7.1
2013-04-11 CVE-2013-1166 Improper Input Validation vulnerability in Cisco products
Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR), when VRF-aware NAT and SIP ALG are enabled, allows remote attackers to cause a denial of service (card reload) by sending many SIP packets, aka Bug ID CSCuc65609.
network
low complexity
cisco CWE-20
7.8
7.8
2013-04-11 CVE-2013-1165 Improper Input Validation vulnerability in Cisco products
Cisco IOS XE 2.x and 3.x before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) allows remote attackers to cause a denial of service (card reload) by sending many crafted L2TP packets, aka Bug ID CSCtz23293.
network
low complexity
cisco CWE-20
7.8
7.8