|
Systems Affected
Cisco IOS XE Software version 2.x, 3.x, before 3.10.6, 3.11.x through 3.13.x before 3.13.3, 3.13.x through 3.15.x before 3.15.1.x
Threat Level
Overview
Vulnerability has been reported in Cisco IOS XE Software which could allow a remote authenticated attacker to cause a denial of service (DoS) condition.
Description
This vulnerability occurs due to improper processing of IPv4 packets that require Network Address Translation (NAT) and Multiprotocol Label Switching (MPLS) processing. A remote attacker could exploit this vulnerability by sending IPv4 packet to be processed by a Cisco IOS XE device configured to perform NAT and MPLS services.
Successful exploitation of this vulnerability could allow a remote attacker to cause an affected system to reload resulting in denial of service (DoS) condition.
Impact
Solution/ Workarounds
Apply appropriate updates as mentioned in CISCO advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-iosxe
References
http://www.cert-in.org.in/
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
|
