Input validation error in Cisco ASR 5000 Series

#VU29213 Input validation error in Cisco ASR 5000 Series

Published: 2020-06-23

Vulnerability identifier: #VU29213

Vulnerability risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-3244

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco ASR 5000 Series
Hardware solutions / Firmware

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to insufficient validation of user-supplied input in the Enhanced Charging Service (ECS) functionality. A remote attacker can send a specially crafted HTTP request, bypass the traffic classification rules and potentially avoid being charged for traffic consumption.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Cisco ASR 5000 Series: 21.4.5

External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ecs-bypass-2LqfPCL

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Input validation error in Cisco ASR 5000 Series Aggregation Services Routers