Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Cisco ONS 15454 Series Multiservice Provisioning Platforms TCP Port Management Denial of Service Vulnerability

cisco-sa-20161207-cons · Medium · Published · Updated

A vulnerability in TCP port management in Cisco ONS 15454 Series Multiservice Provisioning Platforms could allow an unauthenticated, remote attacker to cause the controller card to unexpectedly reload. The vulnerability is due to a specific TCP port listening on the local management port when it should have been internal only. An attacker could exploit this vulnerability by sending a continuous stream of TCP traffic to the targeted device on the specific TCP port. An exploit could allow the attacker to cause the controller card to unexpectedly reset. The user traffic is not impacted; however, the management port traffic could be briefly disrupted. There are workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-cons

Cisco advisory · CSAF JSON

Workarounds

The administrator can set the LAN config mode to Ethernet Switch. This configuration setting can help avoid the unexpected controller reset due to TCP congestion on the management port. The unexpected reset has been observed only with the MSM configuration setting.

CVEsCVE-2016-9211
Cisco Bug IDsCSCuw26032
CVSS ScoreBase 5.0
Base 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:U/RC:C
Product Names From Source
Cisco ONS 15454 SDH System Software

Related Products

Product CVE Evidence
Cisco ONS 15454 SDH System Software CVE-2016-9211 Cisco OpenVuln