Guest

Preview Tool

Cisco Bug: CSCvh77659 - Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability

Last Modified

Sep 26, 2018

Products (1)

  • Cisco Industrial Ethernet 2000 Series Switches

Known Affected Releases

15.2(5)

Description (partial)

Symptom:
A vulnerability in the Precision Time Protocol (PTP) sub-system of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol.

The vulnerability is due to insufficient processing of PTP packets. An attacker could exploit this vulnerability by sending a crafted PTP packet to, or through, an affected device.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp

This advisory is part of the September 26, 2018, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 13 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication - http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-69981

Conditions:
Please refer to the Security Advisory.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.