Vulnslist

find the latest Cisco vulnerabilities

Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability

cisco-sa-20190515-iosxr-mpls-dos · High · Published · Updated

A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to the incorrect handling of certain MPLS OAM packets. An attacker could exploit this vulnerability by sending malicious MPLS OAM packets to an affected device. A successful exploit could allow the attacker to cause the lspv_server process to crash. The crash could lead to system instability and the inability to process or forward traffic though the device, resulting in a DoS condition that require manual intervention to restore normal operating conditions. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-iosxr-mpls-dos

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

Disabling the MPLS OAM feature eliminates the exploit vector. Administrators can disable the MPLS OAM feature by using the no mpls oam command in global configuration mode. This action may be a suitable mitigation until devices that are affected by this vulnerability can be upgraded.

CVEsCVE-2019-1846
Cisco Bug IDsCSCvk63685
CVSS ScoreBase 7.4
Base 7.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:X/RL:X/RC:X
Product Names From Source
Cisco IOS XR Software

CSAF Product Statuses

Product Status Source CVE Rows
Cisco IOS XR Software known_affected cisco_csaf CVE-2019-1846 1

Related Products

Product CVE Evidence
Cisco ASR 9000 Series Aggregation Services Routers CVE-2019-1846 Cisco OpenVuln · family-level
Cisco IOS XR Software CVE-2019-1846 Cisco OpenVuln
Cisco IOS CVE-2019-1846 Cisco OpenVuln
Cisco IOS Software CVE-2019-1846 Cisco OpenVuln