SB2017092803 - Remote DoS in Cisco IOS for Cisco Integrated Services Routers Generation 2
Published: September 28, 2017
Security Bulletin ID
SB2017092803
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Adjecent network
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Denial of service (CVE-ID: CVE-2017-12232)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.The vulnerability exists due to a misclassification of Ethernet frames. A remote attacker with access to local network can send a specially crafted Ethernet frame to an affected device and cause the device do reload, resulting in denial of service (DoS) attack. This vulnerability affects Cisco Integrated Services Routers Generation 2 (ISR G2) Routers that are running a vulnerable release of Cisco IOS Software.
Remediation
Install update from vendor's website.