#VU7175 Denial of service in Cisco ASR 5000 Series - CVE-2017-3865
Published: June 22, 2017
Vulnerability identifier: #VU7175
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2017-3865
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Cisco ASR 5000 Series
Cisco ASR 5000 Series
Software vendor:
Cisco Systems, Inc
Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the IPsec component of Cisco StarOS for Cisco ASR 5000 Series Routers due to improper processing of Internet Key Exchange (IKE) messages. A remote attacker can send specially crafted IKE messages, cause the ipsecmgr service to reload, terminate all active IPsec VPN tunnels, prevent new tunnels from establishing and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
The weakness exists in the IPsec component of Cisco StarOS for Cisco ASR 5000 Series Routers due to improper processing of Internet Key Exchange (IKE) messages. A remote attacker can send specially crafted IKE messages, cause the ipsecmgr service to reload, terminate all active IPsec VPN tunnels, prevent new tunnels from establishing and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Remediation
Install update from vendor's website.