Denial of service in Cisco ASR 5500 Series Routers - CVE-2017-12217
Published: September 7, 2017
Vulnerability identifier: #VU8153
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-12217
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco ASR 5500 Series Routers
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service (DoS) condition.
The weakness exists in the General Packet Radio Service (GPRS) Tunneling Protocol ingress packet handler due to improper input validation of GPRS Tunneling Protocol packet headers. A remote attacker can send a specially crafted GPRS Tunneling Protocol packet and cause the GTPUMGR process to restart.
Successful exploitation of the vulnerability results in denial of service.
How to mitigate CVE-2017-12217
The vulnerability is addressed in the following versions: 21.4.A0.67189, 21.4.A0.67178, 21.3.M0.67190, 21.3.M0.67173, 21.3.J0.67193, 21.3.J0.67183, 21.3.0, 21.2.2.67187, 21.2.2.