Executive Summary

Summary
Title Cisco Aggregation Services Router 9000 Series IPv6 Fragment Header Denial of Service Vulnerability
Informations
Name cisco-sa-20180131-ipv6 First vendor Publication 2018-01-31
Vendor Cisco Last vendor Modification 2018-01-31
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition.

The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6 ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6"]

BEGIN PGP SIGNATURE

iQJ5BAEBAgBjBQJacen4XBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfczbvcP/3roV03TIdBh4bXMTP/LwM3TUHnJ hJq8uWV9DYnYoEbU+GR1yRC94kaj//2GpPQ7HqV6P9JXvZ3BpKwVOCLAGOXyUUsg P1c7veTL5tIlI0W5+MwSCq9EXpCQY7a8jWkR2GI9mXUxHLIL6z3ETpIc7KaTX8YJ fQVR1fvlvjn+jhshxnYZsgcNHcdwkhgOo722mx0CIKislokl7s6FfGGJS1aauVIZ 0jGDXyh6mHDR9v8EMvuq8nMG+xQANMCklwsUkiTHct2tLsIyF+sz43YnaDy7PTfU Lh0Xzc/YgbHWzDqO4QlkiWH6F7sYydzc2MIaLKRTeNM5ElhJi4ZnpJgfeEj9HpCn C7L5CXKWpthpcZfhPC5U98euje6PyscyvojpPau9QEZVO3pLZLzbd56Hk/Rz18Pd xqFu17Q94duowZVMVNaeiNtLgj20h3x4uxgZ1EnOun6f1ViVCEi97N93rxUloiNN 1hhf+iIVQ1rMiqalWCOJ46teidOIumLI0uovURyUnitokPamFnohvld0ETNz9cnQ ZchHKxcObPJ00q9FEDMORbUHXeAiFO3TkLLgsK7EEosq6AnpdoIeRez4i4EuAey2 iOapcb9Z6AoBUp4G81JqxvNnnNhixpV1wRq971uOJxZtl52hRSGm2XgQYPiwrrtk LNPkUwyFMvD4DVQT =IU61 END PGP SIGNATURE

_______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 1

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2018-02-28 21:22:14
  • Multiple Updates
2018-02-01 00:21:52
  • Multiple Updates
2018-01-31 17:19:06
  • First insertion