Executive Summary
Summary | |
---|---|
Title | Cisco IOS and IOS XE Software IPv6 Denial of Service Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20170320-aniipv6 | First vendor Publication | 2017-03-20 |
Vendor | Cisco | Last vendor Modification | 2017-03-20 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.1 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to a device that is running a Cisco IOS Software or Cisco IOS XE Software release that supports the ANI feature. A device must meet two conditions to be affected by this vulnerability: The device must be running a version of Cisco IOS Software or Cisco IOS XE Software that supports ANI (regardless of whether ANI is configured) The device must have a reachable IPv6 interface An exploit could allow the attacker to cause the affected device to reload. Cisco has released software updates that address this vulnerability. There is a workaround that addresses this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6 ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-aniipv6"] Note: Also see the companion advisory for affected devices that are configured as an autonomic registrar: Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Registrar Denial of Service Vulnerability ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170320-ani"]. BEGIN PGP SIGNATURE iQKBBAEBAgBrBQJYz/8FZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHlaRA//a9iZUux/uV4vP+Ro iXa4MD+SjByb3/JBiM+CXEEeKgraYh9amaJbaWuWJekRpsQg4uOssLYa6kWSAFCn f7t3Osig//b3AifdFwKvEFcAk45Gu10DoYrwgFZMS8wQVw6YSRXxfrCRJKWGVPq1 yspaRyvn4Nmf381xg/As53siPSO3FDx88lshVgyvzMHPdJVNbbDbo4VaFiIHTBEO Zlc2f2F+inZEroNoOSVDY1gQDIfG4mK73z+ka+l+evatMPLEKOBv2OP7BGcuG8tY hyaiSfTP91M0Zc+86Q8VizopxfWBNJKOT/RZYybbRApViRbDBd8dm7veAizZh/MT HeXvDjSb6FxDhkK90QEK/4xqewFaYSRkWpGK79N03/6Uv1RPM+AuWscpkWKc96VQ aRlT1rREaQgKkBvwiHiOVvKnvUIVxLvJoloFsoELxv2pKd+5b1zxwfmkAFVwPC1U 4b+6T/TWumRyfOhgANj249qUwQsiValnu5Qx3p1ZrZiZce6zofU5Dvyqpihg0JiY 2xuya2HwfJEPji106nyrIdzvXekemoKNr/KBdTq8qkpo2HP6aBn8oh26CLTqAx0g F/pGBlNFRP+ql5hO/vW5gsps/dlOflbQg3m0LEqVF03FrIePKVmlSJ2cM6uHwtPE gvJGgfBqwqfGjPsSuqcV6epB7HA= =gzXu END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Snort® IPS/IDS
Date | Description |
---|---|
2017-03-23 | Cisco IOS autonomic networking discovery denial of service attempt RuleID : 42051 - Revision : 1 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-03-24 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20170320-aniipv6-ios.nasl - Type : ACT_GATHER_INFO |
2017-03-24 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20170320-aniipv6-iosxe.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2017-03-27 21:22:44 |
|
2017-03-25 13:25:20 |
|
2017-03-21 21:26:06 |
|
2017-03-20 21:24:54 |
|
2017-03-20 21:22:38 |
|