Guest

Preview Tool

Cisco Bug: CSCun73782 - Cisco IOS and IOS XE Software LISP Denial of Service Vulnerability

Last Modified

May 13, 2019

Products (97)

  • Cisco IOS
  • Cisco 886VA-CUBE Integrated Services Router
  • Cisco 2951 Integrated Services Router
  • Cisco 812 CiFi Integrated Services Router
  • Cisco 861W Integrated Services Router
  • Cisco 892W Integrated Services Router
  • Cisco C897VA Integrated Services Router
  • Cisco 881SRSTW Integrated Services Router
  • Cisco 1905 Serial Integrated Services Router
  • Cisco ASR 901-6CZ-F-D Router
View all products in Bug Search Tool Login Required

Known Affected Releases

15.2(4)XB9 15.3(3)M 15.3(3)S 15.3(3)XB12 15.4(1)S 15.4(2)S

Description (partial)

Symptom:
 
A vulnerability in LISP control messages processing on Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause a 
vulnerable device to disable CEF forwarding and eventually drop traffic passing through.
 
The vulnerability is due to insufficient checking of certain parameters in LISP control messages on ITR. An attacker could exploit this vulnerability by 
sending malformed LISP control messages to ITR. An exploit could allow the attacker to cause a vulnerable device to disable CEF forwarding and 
eventually drop traffic passing through.
 
Conditions:
Malformed messages can only be generated by a device that is already registered to a LISP system: a valid ETR or ALT.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.