CVE-2013-6981
Description
Cisco IOS XE 3.7S(.1) and earlier are vulnerable to a denial of service via fragmented MPLS IP packets, causing a Packet Processor crash.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cisco IOS XE 3.7S(.1) and earlier are vulnerable to a denial of service via fragmented MPLS IP packets, causing a Packet Processor crash.
Vulnerability
Cisco IOS XE versions 3.7S(.1) and earlier contain a vulnerability in the handling of fragmented MPLS IP packets. An attacker can send specially crafted fragmented MPLS packets to trigger a crash of the Packet Processor, leading to a denial of service condition. This issue is tracked as Cisco Bug ID CSCul00709. [1]
Exploitation
An unauthenticated remote attacker can exploit this vulnerability by sending fragmented MPLS IP packets to an affected device. No authentication or special network position is required beyond the ability to send IP packets to the target. The attack does not require user interaction. [1]
Impact
Successful exploitation causes the Packet Processor to crash, resulting in a denial of service. This can disrupt network traffic processing on the affected Cisco IOS XE device until the processor is restarted. [1]
Mitigation
Cisco has not provided a fixed version in the available references. Users should consult the Cisco Security Advisory for CVE-2013-6981 for updated information on patched releases. As a workaround, administrators may consider filtering fragmented MPLS packets at network boundaries if feasible. [1]
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
30cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*+ 29 more
- cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*range: <=3.7s\(.1\)
- cpe:2.3:o:cisco:ios_xe:2.5\(.0\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:2.6\(.0\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:2.6\(.1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:2.6\(.2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.1s\(.0\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.1s\(.1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.1s\(.2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.1s\(.3\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.2s\(.0\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.2s\(.1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.2s\(.2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.3s\(.0\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.3s\(.1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.3s\(.2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.4s\(.0\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.4s\(.1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.4s\(.2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.4s\(.3\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.4s\(.4\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.4s\(.5\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.4s\(.6\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.5s\(.0\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.5s\(.1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.5s\(.2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.6s\(.0\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.6s\(.1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.6s\(.2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.7s\(.0\):*:*:*:*:*:*:*
- (no CPE)range: <=3.7S(.1)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6981nvdVendor Advisory
- tools.cisco.com/security/center/viewAlert.xnvdVendor Advisory
- www.securityfocus.com/bid/64514nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1029538nvdThird Party AdvisoryVDB Entry
- osvdb.org/101423nvd
- secunia.com/advisories/56206nvd
News mentions
0No linked articles in our index yet.