CISCO : Cisco Network Convergence System 5500 Series Routers Local Denial of Service Vulnerability (cisco-sa-20170607-ncs)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.106857

Categoría: CISCO

Título: Cisco Network Convergence System 5500 Series Routers Local Denial of Service Vulnerability (cisco-sa-20170607-ncs)

Resumen: A vulnerability in the forwarding component of Cisco IOS XR; Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an; authenticated, local attacker to cause the router to stop forwarding data traffic across Traffic; Engineering tunnels, resulting in a denial of service (DoS) condition.

Descripción: Summary:
A vulnerability in the forwarding component of Cisco IOS XR
Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an
authenticated, local attacker to cause the router to stop forwarding data traffic across Traffic
Engineering tunnels, resulting in a denial of service (DoS) condition.

Vulnerability Insight:
The vulnerability occurs because adjacency information for a
Traffic Engineering tunnel's physical source interface is not propagated to hardware after
the adjacency is lost. This information needs to be relearned. An attacker could exploit this
vulnerability by logging in to the router's CLI with administrator privileges and issuing the
clear arp-cache command.

Vulnerability Impact:
A local attacker may cause a denial of service condition.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
1.9

CVSS Vector:
AV:L/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-6666
BugTraq ID: 98987
http://www.securityfocus.com/bid/98987
http://www.securitytracker.com/id/1038630

Copyright Copyright (C) 2017 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.106857
Categoría:	CISCO
Título:	Cisco Network Convergence System 5500 Series Routers Local Denial of Service Vulnerability (cisco-sa-20170607-ncs)
Resumen:	A vulnerability in the forwarding component of Cisco IOS XR; Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an; authenticated, local attacker to cause the router to stop forwarding data traffic across Traffic; Engineering tunnels, resulting in a denial of service (DoS) condition.
Descripción:	Summary: A vulnerability in the forwarding component of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an authenticated, local attacker to cause the router to stop forwarding data traffic across Traffic Engineering tunnels, resulting in a denial of service (DoS) condition. Vulnerability Insight: The vulnerability occurs because adjacency information for a Traffic Engineering tunnel's physical source interface is not propagated to hardware after the adjacency is lost. This information needs to be relearned. An attacker could exploit this vulnerability by logging in to the router's CLI with administrator privileges and issuing the clear arp-cache command. Vulnerability Impact: A local attacker may cause a denial of service condition. Solution: See the referenced vendor advisory for a solution. CVSS Score: 1.9 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-6666 BugTraq ID: 98987 http://www.securityfocus.com/bid/98987 http://www.securitytracker.com/id/1038630
Copyright	Copyright (C) 2017 Greenbone Networks GmbH