cisco-sa-20151028-asr

Cisco ASR 5500 SAE Gateway BGP Denial of Service Vulnerability

cisco-sa-20151028-asr · Medium · Published 10 years ago · Updated 10 years ago

A vulnerability in the Border Gateway Protocol (BGP) input packet handler in the Cisco ASR 5500 System Architecture Evolution (SAE) Gateway could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition because the BGP process restarts unexpectedly. The vulnerability is due to lack of proper input validation of the BGP packet header. An attacker could exploit this vulnerability by sending a crafted BGP packet to the affected device. An exploit could allow the attacker to cause a partial DoS condition because the BGP process restarts unexpectedly. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151028-asr

Cisco advisory ·CSAF JSON

Workarounds

Administrators may consider removing the BGP configuration from affected devices.

CVEs	CVE-2015-6351
Cisco Bug IDs	CSCuw65781
CVSS Score	Base 5.0 Base 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:OF/RC:C
Product Names From Source	Cisco ASR 5000 Series Software

Related Products

Product	CVE	Evidence
Cisco ASR 5000 Series Software	CVE-2015-6351	Cisco OpenVuln

Vulnslist

find the latest Cisco vulnerabilities

Cisco ASR 5500 SAE Gateway BGP Denial of Service Vulnerability

Workarounds

Related Products