Cisco Bug: CSCut22069 - Cisco Packet Data Network Gateway (PGW) Packet Monitor Vulnerability
Dec 25, 2016
- Cisco ASR 5000 Series
Known Affected Releases
Symptoms: A vulnerability in packet monitoring feature of the Cisco Packet Data Network Gateway (PGW) could allow an unauthenticated, remote attacker to cause the CLI session where packet monitoring was enabled to reset. The vulnerability is due to a malformed GPRS Tunneling Protocol Version 2 (GTPv2) packet which is received when packet monitoring is active on the CLI. An attacker could exploit this vulnerability by sending a crafted malformed GTPv2 packet when a local, authenticated user had enabled packet monitoring to the CLI. An exploit could allow the attacker to cause the CLI session where packet monitoring is enabled to stop responding. Conditions: Device configured with packet monitoring for GTPv2 - monitor protocol and GTPv2 option is 74 - running an affected version of software.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases