关键漏洞信息 漏洞标题: Cisco IOS XR Software Route Processor Denial of Service Vulnerability 严重性: High CVE ID: CVE-2013-5549 CVSS Score: Base 7.1, Temporal 5.9 影响的产品: - Cisco IOS XR Software Releases 3.3.0 to 4.2.0 - 具体的Route Processor型号包括: - Cisco CRS-1 Distributed Route Processor (DRP-B) - Cisco CRS-1 16-Slot Line Card Chassis Route Processor (CRS-16-RP) - Cisco CRS-1 8-Slot Line Card Chassis Route Processor (CRS-8-RP) - Cisco CRS-1 16-Slot Line Card Chassis Route Processor B (CRS-16-RP-B) - Cisco CRS Series 4/8-Slot Line Card Chassis Performance Route Processor (CRS-8-PRP-12G, CRS-8-PRP-6G) - Cisco CRS Series 16-Slot Performance Route Processor (CRS-16-PRP-12G, CRS-16-PRP-6G) 漏洞描述: 该漏洞由于在处理分片数据包时处理不当,可能导致Cisco CRS Route Processor处理数据包时无法正确传输,从而导致拒绝服务(DoS)。 CVE ID: CVE-2013-5549 CWE ID: CWE-362 工作绕过: 无 修复软件: Cisco已发布软件更新以解决此漏洞。建议用户咨询Cisco Security Advisories、Responses和Notices档案库以确保升级后设备的内存充足,并确认当前硬件和软件配置可以继续得到新版本的支持。 声明: 这份文档是在"AS IS"基础下提供的,不做任何明示或暗示的担保。