CVE-2017-6729
First published: Mon Jul 10 2017(Updated: )
A vulnerability in the Border Gateway Protocol (BGP) processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core (VPC) Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reload, resulting in a denial of service (DoS) condition. This vulnerability affects the following products if they are running the Cisco StarOS operating system and BGP is enabled for the system: Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core Software. More Information: CSCvc44968. Known Affected Releases: 16.4.1 19.1.0 21.1.0 21.1.M0.65824. Known Fixed Releases: 21.3.A0.65902 21.2.A0.65905 21.1.b0.66164 21.1.V0.66014 21.1.R0.65898 21.1.M0.65894 21.1.0.66030 21.1.0.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco ASR 5000 Series Routers | =16.4.1 | |
| Cisco ASR 5000 Series Routers | =16.5.0 | |
| Cisco ASR 5000 Series Routers | =16.5.2 | |
| Cisco ASR 5000 Series Routers | =17.2.0 | |
| Cisco ASR 5000 Series Routers | =17.2.0.59184 | |
| Cisco ASR 5000 Series Routers | =17.3.0 | |
| Cisco ASR 5000 Series Routers | =17.3.1 | |
| Cisco ASR 5000 Series Routers | =17.3.9.62033 | |
| Cisco ASR 5000 Series Routers | =17.3_base | |
| Cisco ASR 5000 Series Routers | =17.7.0 | |
| Cisco ASR 5000 Series Routers | =17.7.5 | |
| Cisco ASR 5000 Series Routers | =18.0.0 | |
| Cisco ASR 5000 Series Routers | =18.0.0.57828 | |
| Cisco ASR 5000 Series Routers | =18.0.0.59167 | |
| Cisco ASR 5000 Series Routers | =18.0.0.59211 | |
| Cisco ASR 5000 Series Routers | =18.0.l0.59219 | |
| Cisco ASR 5000 Series Routers | =18.1.0 | |
| Cisco ASR 5000 Series Routers | =18.1.0.59776 | |
| Cisco ASR 5000 Series Routers | =18.1.0.59780 | |
| Cisco ASR 5000 Series Routers | =18.1_base | |
| Cisco ASR 5000 Series Routers | =18.3.0 | |
| Cisco ASR 5000 Series Routers | =18.3_base | |
| Cisco ASR 5000 Series Routers | =18.4.0 | |
| Cisco ASR 5000 Series Routers | =19.0.1 | |
| Cisco ASR 5000 Series Routers | =19.0.m0.60737 | |
| Cisco ASR 5000 Series Routers | =19.0.m0.60828 | |
| Cisco ASR 5000 Series Routers | =19.0.m0.61045 | |
| Cisco ASR 5000 Series Routers | =19.1.0 | |
| Cisco ASR 5000 Series Routers | =19.1.0.61559 | |
| Cisco ASR 5000 Series Routers | =19.2.0 | |
| Cisco ASR 5000 Series Routers | =19.3.0 | |
| Cisco ASR 5000 Series Routers | =19.6.3 | |
| Cisco ASR 5000 Series Routers | =19.6_base | |
| Cisco ASR 5000 Series Routers | =20.0.0 | |
| Cisco ASR 5000 Series Routers | =20.0.1.0 | |
| Cisco ASR 5000 Series Routers | =20.0.1.a0 | |
| Cisco ASR 5000 Series Routers | =20.0.1.v0 | |
| Cisco ASR 5000 Series Routers | =20.0.2.3 | |
| Cisco ASR 5000 Series Routers | =20.0.2.3.65026 | |
| Cisco ASR 5000 Series Routers | =20.0.2.v1 | |
| Cisco ASR 5000 Series Routers | =20.0.m0.62842 | |
| Cisco ASR 5000 Series Routers | =20.0.m0.63229 | |
| Cisco ASR 5000 Series Routers | =20.0.v0 | |
| Cisco ASR 5000 Series Routers | =20.1.v2 | |
| Cisco ASR 5000 Series Routers | =20.1_base | |
| Cisco ASR 5000 Series Routers | =20.2.12 | |
| Cisco ASR 5000 Series Routers | =20.2_base | |
| Cisco ASR 5000 Series Routers | =21.0.0 | |
| Cisco ASR 5000 Series Routers | =21.0.v1 | |
| Cisco ASR 5000 Series Routers | =21.0_base | |
| Cisco ASR 5000 Series Routers | =21.0_m0.64246 | |
| Cisco ASR 5000 Series Routers | =21.0_m0.64702 | |
| Cisco ASR 5000 firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-6729?
CVE-2017-6729 is categorized as a critical vulnerability that can allow an unauthenticated remote attacker to disrupt the BGP process.
How do I fix CVE-2017-6729?
To mitigate CVE-2017-6729, upgrade to a version of Cisco ASR 5000 Software that is free from this vulnerability.
Which Cisco software versions are affected by CVE-2017-6729?
CVE-2017-6729 affects Cisco ASR 5000 Software versions 16.4.1, 16.5.0, 16.5.2, 17.2.0, and multiple other releases up to 21.0.v1.
What type of attack does CVE-2017-6729 enable?
CVE-2017-6729 enables an unauthenticated remote attacker to cause the BGP process on affected systems to reload.
Is there a workaround for CVE-2017-6729?
There are no known workarounds for CVE-2017-6729; the recommended action is to apply the available updates.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/references
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco asr 5000 series routers
- version/cisco asr 5000 series routers/16.4.1
- version/cisco asr 5000 series routers/16.5.0
- version/cisco asr 5000 series routers/16.5.2
- version/cisco asr 5000 series routers/17.2.0
- version/cisco asr 5000 series routers/17.2.0.59184
- version/cisco asr 5000 series routers/17.3.0
- version/cisco asr 5000 series routers/17.3.1
- version/cisco asr 5000 series routers/17.3.9.62033
- version/cisco asr 5000 series routers/17.3_base
- version/cisco asr 5000 series routers/17.7.0
- version/cisco asr 5000 series routers/17.7.5
- version/cisco asr 5000 series routers/18.0.0
- version/cisco asr 5000 series routers/18.0.0.57828
- version/cisco asr 5000 series routers/18.0.0.59167
- version/cisco asr 5000 series routers/18.0.0.59211
- version/cisco asr 5000 series routers/18.0.l0.59219
- version/cisco asr 5000 series routers/18.1.0
- version/cisco asr 5000 series routers/18.1.0.59776
- version/cisco asr 5000 series routers/18.1.0.59780
- version/cisco asr 5000 series routers/18.1_base
- version/cisco asr 5000 series routers/18.3.0
- version/cisco asr 5000 series routers/18.3_base
- version/cisco asr 5000 series routers/18.4.0
- version/cisco asr 5000 series routers/19.0.1
- version/cisco asr 5000 series routers/19.0.m0.60737
- version/cisco asr 5000 series routers/19.0.m0.60828
- version/cisco asr 5000 series routers/19.0.m0.61045
- version/cisco asr 5000 series routers/19.1.0
- version/cisco asr 5000 series routers/19.1.0.61559
- version/cisco asr 5000 series routers/19.2.0
- version/cisco asr 5000 series routers/19.3.0
- version/cisco asr 5000 series routers/19.6.3
- version/cisco asr 5000 series routers/19.6_base
- version/cisco asr 5000 series routers/20.0.0
- version/cisco asr 5000 series routers/20.0.1.0
- version/cisco asr 5000 series routers/20.0.1.a0
- version/cisco asr 5000 series routers/20.0.1.v0
- version/cisco asr 5000 series routers/20.0.2.3
- version/cisco asr 5000 series routers/20.0.2.3.65026
- version/cisco asr 5000 series routers/20.0.2.v1
- version/cisco asr 5000 series routers/20.0.m0.62842
- version/cisco asr 5000 series routers/20.0.m0.63229
- version/cisco asr 5000 series routers/20.0.v0
- version/cisco asr 5000 series routers/20.1.v2
- version/cisco asr 5000 series routers/20.1_base
- version/cisco asr 5000 series routers/20.2.12
- version/cisco asr 5000 series routers/20.2_base
- version/cisco asr 5000 series routers/21.0.0
- version/cisco asr 5000 series routers/21.0.v1
- version/cisco asr 5000 series routers/21.0_base
- version/cisco asr 5000 series routers/21.0_m0.64246
- version/cisco asr 5000 series routers/21.0_m0.64702
- canonical/cisco asr 5000 firmware