First published: Wed Feb 03 2021(Updated: )
Multiple vulnerabilities in the ingress packet processing function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dos-WwDdghs2
Credit: CVE-2021-1288: the U.S. National Security Agency (NSA). CVE-2021-1313: This vulnerability was found during the resolution a Cisco TAC support case
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco IOS XR Software | =5.0<5.2.65.3.4 | 5.2.65.3.4 |
Cisco IOS XR Software | =CRS-PX<hfr-px-5.3.3.CSCuy67256=5.3.3<ASR9K-PX=5.3.2<ASR9K-PX=5.1.3<ASR9K-PX | hfr-px-5.3.3.CSCuy67256 ASR9K-PX ASR9K-PX ASR9K-PX |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of cisco-sa-iosxr-dos-WwDdghs2 is high.
An unauthenticated attacker can exploit cisco-sa-iosxr-dos-WwDdghs2 by sending specially crafted packets to the affected device.
The impact of cisco-sa-iosxr-dos-WwDdghs2 is a denial of service (DoS) condition on the affected device.
To fix cisco-sa-iosxr-dos-WwDdghs2 in Cisco IOS XR Software version 5.0 to 5.2.65.3.4, upgrade to a fixed software release.
You can find more information about cisco-sa-iosxr-dos-WwDdghs2 on the Cisco Security Advisory page.