Vulnerability identifier: #VU7175
Vulnerability risk: Medium
CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Cisco ASR 5000 Series
Hardware solutions /
Firmware
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the IPsec component of Cisco StarOS for Cisco ASR 5000 Series Routers due to improper processing of Internet Key Exchange (IKE) messages. A remote attacker can send specially crafted IKE messages, cause the ipsecmgr service to reload, terminate all active IPsec VPN tunnels, prevent new tunnels from establishing and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Cisco ASR 5000 Series: 21.1.0 - 21.1.v0
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-asr
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.