Activity Summary
- 2380 days inactive
- 2380 days old
- apops@apops.net
- 1 participants
- 0 comments
j
: Next unread message k
: Previous unread message j a
: Jump to all threads
j l
: Jump to MailingList overview
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Cisco Security Advisory: Cisco IOS and IOS XE Software IPv6 Denial of Service Vulnerability
Advisory ID: cisco-sa-20170320-aniipv6
Revision: 1.0
For Public Release: 2017 March 20 16:00 GMT
Last Updated: 2017 March 20 16:00 GMT
CVE ID(s): CVE-2017-3850
CVSS Score v(3): 8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
+---------------------------------------------------------------------
Summary ======= A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to a device that is running a Cisco IOS Software or Cisco IOS XE Software release that supports the ANI feature.
A device must meet two conditions to be affected by this vulnerability:
The device must be running a version of Cisco IOS Software or Cisco IOS XE Software that supports ANI (regardless of whether ANI is configured) The device must have a reachable IPv6 interface An exploit could allow the attacker to cause the affected device to reload.
Cisco has released software updates that address this vulnerability. There is a workaround that addresses this vulnerability.
This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-... ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-..."]
Note: Also see the companion advisory for affected devices that are configured as an autonomic registrar: Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Registrar Denial of Service Vulnerability ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-..."].