Home Unlabelled Cisco ASR 5000 Series IKEv2 Denial of Service Vulnerability

Cisco ASR 5000 Series IKEv2 Denial of Service Vulnerability

By
Wednesday, December 07, 2016
Read
Add Comment
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 Series Software could allow an unauthenticated, remote attacker to cause a reload of the ipsecmgr process.

The vulnerability is due to a race condition in the IKEv2 negotiation logic. An attacker could exploit this vulnerability by sending crafted IKEv2 packets during a negotiation. An exploit could allow the attacker to cause a crash of the ipsecmgr process, which will restart on its own. Only the connection being negotiated will need to re-establish.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2gCtv8d A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 Series Software could allow an unauthenticated, remote attacker to cause a reload of the ipsecmgr process.

The vulnerability is due to a race condition in the IKEv2 negotiation logic. An attacker could exploit this vulnerability by sending crafted IKEv2 packets during a negotiation. An exploit could allow the attacker to cause a crash of the ipsecmgr process, which will restart on its own. Only the connection being negotiated will need to re-establish.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2gCtv8d
Security Impact Rating: Medium
CVE: CVE-2016-9203

from Cisco Security Advisory http://ift.tt/2gCtv8d
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us