Cisco Bug: CSCut22069 - Cisco Packet Data Network Gateway (PGW) Packet Monitor Vulnerability

Last Modified

Dec 25, 2016

Products (1)

  • Cisco ASR 5000 Series

Known Affected Releases

18.0.0.59211

Description (partial)

Symptoms:
A vulnerability in the packet monitoring feature of the Cisco Packet Data Network Gateway (PGW) 
could allow an unauthenticated, remote attacker to cause the CLI session where packet monitoring 
was enabled to reset.

The vulnerability is due to a malformed GPRS Tunneling Protocol Version 2 (GTPv2) packet that is 
received while packet monitoring is active on the CLI. An attacker could exploit this vulnerability by 
sending a crafted malformed GTPv2 packet while a local, authenticated user has packet monitoring 
enabled on the CLI. An exploit could allow the attacker to cause the CLI session where packet 
monitoring is enabled to stop responding.

Conditions:
The device is running an affected version of software and is configured with packet monitoring 
for GTPv2 (monitor protocol, where the GTPv2 option is 74).