Main Vulnerability Database SB2018020104

SB2018020104 - Denial of service in Cisco ASR 9000 Series Routers

Published: February 1, 2018

Security Bulletin ID SB2018020104

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper input validation (CVE-ID: CVE-2018-0136)

The vulnerability allows a remote attacker to cause DoS condition no the target system.

The vulnerability exists in the IPv6 subsystem due to incorrect handling of IPv6 packets with a fragment header extension. A remote attacker can send specially crafted IPv6 packets designed to trigger the issue either to or through the Trident-based line card and cause the Trident-based line cards to reload during the period of time the line card takes to restart.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Install update from vendor's website.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6

SB2018020104 - Denial of service in Cisco ASR 9000 Series Routers

Breakdown by Severity

Description

Remediation

References

Please verify you're human