high
8.6
CWE
20
Advisory Published
Updated

CVE-2018-0136: Input Validation

First published: Wed Jan 31 2018(Updated: )

A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.

Credit: ykramarz@cisco.com

Affected SoftwareAffected VersionHow to fix
Cisco IOS XR=5.3.4
Cisco Asr 9001
Cisco Asr 9006
Cisco Asr 9010
Cisco Asr 9904
Cisco Asr 9906
Cisco Asr 9910
Cisco Asr 9912
Cisco Asr 9922

Remedy

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2018-0136?

    CVE-2018-0136 is a vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series.

  • How does CVE-2018-0136 affect Cisco ASR 9000 Series?

    CVE-2018-0136 could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards on Cisco ASR 9000 Series, resulting in a denial of service (DoS) condition.

  • What is the severity of CVE-2018-0136?

    CVE-2018-0136 has a severity rating of 8.6, which is considered high.

  • How can I fix CVE-2018-0136?

    To fix CVE-2018-0136, it is recommended to upgrade to a fixed software release.

  • Where can I find more information about CVE-2018-0136?

    More information about CVE-2018-0136 can be found on the Cisco Security Advisory website.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203