Vulnslist

find the latest Cisco vulnerabilities

Cisco IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability

cisco-sa-20200122-ios-xr-dos · High · Published · Updated

A vulnerability in the implementation of the Intermediate System-to-Intermediate System (IS-IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS-IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (SNMP) request for specific Object Identifiers (OIDs) by the IS-IS process. An attacker could exploit this vulnerability by sending a crafted SNMP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition in the IS-IS process. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability. However, administrators may choose to perform one of the following mitigations:

Disable SNMP: This vulnerability is exploited by doing an SNMP query of a special MIB OID range. If SNMP is disabled, this vulnerability cannot be exploited. For mitigation of this vulnerability if SNMP is enabled on the device, contact Cisco TAC for assistance with the OIDs.

Configure an access control list: Administrators can also configure an access control list (ACL) on an SNMP community to filter incoming SNMP requests to ensure that SNMP queries are performed only by trusted SNMP clients. For information about configuring ACLs, see the Cisco Guide to Harden Cisco IOS XR Devices https://sec.cloudapps.cisco.com/security/center/resources/increase_security_ios_xr_devices.html#28 .

CVEsCVE-2019-16027
Cisco Bug IDsCSCvr62342
CVSS ScoreBase 7.7
Base 7.7 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:X/RL:X/RC:X
Product Names From Source
Cisco IOS XR Software

Related Products

Product CVE Evidence
Cisco RV Series Routers CVE-2019-16027 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2019-16027 Cisco OpenVuln
Cisco IOS Software CVE-2019-16027 Cisco OpenVuln
Cisco IOS XR Software CVE-2019-16027 Cisco OpenVuln
Cisco IOS CVE-2019-16027 Cisco OpenVuln