Executive Summary
Summary | |
---|---|
Title | Cisco Aggregation Services Router 9000 Series IPv6 Fragment Header Denial of Service Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20180131-ipv6 | First vendor Publication | 2018-01-31 |
Vendor | Cisco | Last vendor Modification | 2018-01-31 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6 ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6"] BEGIN PGP SIGNATURE iQJ5BAEBAgBjBQJacen4XBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfczbvcP/3roV03TIdBh4bXMTP/LwM3TUHnJ hJq8uWV9DYnYoEbU+GR1yRC94kaj//2GpPQ7HqV6P9JXvZ3BpKwVOCLAGOXyUUsg P1c7veTL5tIlI0W5+MwSCq9EXpCQY7a8jWkR2GI9mXUxHLIL6z3ETpIc7KaTX8YJ fQVR1fvlvjn+jhshxnYZsgcNHcdwkhgOo722mx0CIKislokl7s6FfGGJS1aauVIZ 0jGDXyh6mHDR9v8EMvuq8nMG+xQANMCklwsUkiTHct2tLsIyF+sz43YnaDy7PTfU Lh0Xzc/YgbHWzDqO4QlkiWH6F7sYydzc2MIaLKRTeNM5ElhJi4ZnpJgfeEj9HpCn C7L5CXKWpthpcZfhPC5U98euje6PyscyvojpPau9QEZVO3pLZLzbd56Hk/Rz18Pd xqFu17Q94duowZVMVNaeiNtLgj20h3x4uxgZ1EnOun6f1ViVCEi97N93rxUloiNN 1hhf+iIVQ1rMiqalWCOJ46teidOIumLI0uovURyUnitokPamFnohvld0ETNz9cnQ ZchHKxcObPJ00q9FEDMORbUHXeAiFO3TkLLgsK7EEosq6AnpdoIeRez4i4EuAey2 iOapcb9Z6AoBUp4G81JqxvNnnNhixpV1wRq971uOJxZtl52hRSGm2XgQYPiwrrtk LNPkUwyFMvD4DVQT =IU61 END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 |
Alert History
Date | Informations |
---|---|
2018-02-28 21:22:14 |
|
2018-02-01 00:21:52 |
|
2018-01-31 17:19:06 |
|