Denial of service in Cisco ASR 9000 Series Routers
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2018-0136 |
| CWE-ID | CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Cisco ASR 9922 Router Client/Desktop applications / Software for system administration Cisco ASR 9912 Router Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco ASR 9001 Router Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco ASR 9006 Router Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco ASR 9904 Router Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco ASR 9010 Router Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco ASR 9000 Series Aggregation Services Routers Hardware solutions / Routers & switches, VoIP, GSM, etc |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Improper input validation
EUVDB-ID: #VU10339
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-0136
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition no the target system.
The vulnerability exists in the IPv6 subsystem due to incorrect handling of IPv6 packets with a fragment header extension. A remote attacker can send specially crafted IPv6 packets designed to trigger the issue either to or through the Trident-based line card and cause the Trident-based line cards to reload during the period of time the line card takes to restart.
Successful exploitation of the vulnerability results in denial of service.
Update to version 5.3.4.
Vulnerable software versionsCisco ASR 9922 Router: All versions
Cisco ASR 9912 Router: All versions
Cisco ASR 9001 Router: All versions
Cisco ASR 9006 Router: All versions
Cisco ASR 9904 Router: All versions
Cisco ASR 9010 Router: All versions
Cisco ASR 9000 Series Aggregation Services Routers: All versions
CPE2.3- cpe:2.3:a:cisco_systems:cisco_asr_9922_router:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_asr_9912_router:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_asr_9001_router:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_asr_9006_router:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_asr_9904_router:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_asr_9010_router:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco_systems:cisco_asr_9000_series_aggregation_services_routers:*:*:*:*:*:*:*:*
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
