Vulnslist

Cisco ASR 1000 Series Aggregation Services Routers SNMP High CPU Denial of Service Vulnerability

cisco-sa-20170201-asrsnmp · Medium · Published · Updated

A vulnerability in the Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software Release 3.13.6S, 3.16.2S, or 3.17.1S could allow an authenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to an incorrectly initialized variable. An attacker could exploit this vulnerability by performing SNMP polling on MIBs and using only Interface Index (ifIndex) values. A successful exploit could allow the attacker to increase CPU usage to 99% on an affected device and cause a DoS condition. There are workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-asrsnmp

Workarounds

If the device console is accessible, administrators can remove the SNMP configuration to allow the CPU to recover and allow for a device upgrade to a fixed release of the software.

If the device console is not accessible, administrators can power cycle the device and either remove the SNMP configuration or prevent SNMP polling on the device to allow for a device upgrade to a fixed release of the software.

CVEs: CVE-2017-3820
Cisco Bug IDs: CSCux68796
CVSS Score: Base 6.5 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:X/RL:X/RC:X)
Product Names From Source: Cisco ASR 1000 Series Aggregation Services Routers, Cisco IOS XE Software 3.13.6S, Cisco IOS XE Software 3.16.2S, Cisco IOS XE Software 3.17.1S, Cisco IOS XE Software

Related Products

| Product | CVE | Evidence |
|---|---|---|
| Cisco RV Series Routers | CVE-2017-3820 | Cisco OpenVuln |
| Cisco Nexus Dashboard | CVE-2017-3820 | Cisco OpenVuln |
| Cisco IOS Software | CVE-2017-3820 | Cisco OpenVuln |
| Cisco IOS XE Software | CVE-2017-3820 | Cisco OpenVuln |
| Cisco IOS | CVE-2017-3820 | Cisco OpenVuln |
| Cisco ASR 1000 Series Aggregation Services Routers | CVE-2017-3820 | Cisco OpenVuln |
| Cisco Catalyst 9600 Series Switches | CVE-2017-3820 | Cisco OpenVuln · software-dependent |
| Cisco Catalyst 9500 Series Switches | CVE-2017-3820 | Cisco OpenVuln · software-dependent |
| Cisco Catalyst 9400 Series Switches | CVE-2017-3820 | Cisco OpenVuln · software-dependent |
| Cisco Catalyst 9300 Series Switches | CVE-2017-3820 | Cisco OpenVuln · software-dependent |
| Cisco Catalyst 9200 Series Switches | CVE-2017-3820 | Cisco OpenVuln · software-dependent |