Cisco IOS Software IP Service Level Agreement Vulnerability

2013-03-2716:00:00

tools.cisco.com

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

49.5%

JSON

The Cisco IOS Software implementation of the IP Service Level Agreement (IP SLA) feature contains a vulnerability in the validation of IP SLA packets that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. Mitigations for this vulnerability are available.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-ipsla[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-ipsla”]

Note: The March 27, 2013, Cisco IOS Software Security Advisory bundled publication includes seven Cisco Security Advisories. All advisories address vulnerabilities in Cisco IOS Software. Each Cisco IOS Software Security Advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all Cisco IOS Software vulnerabilities in the March 2013 bundled publication.

Individual publication links are in “Cisco Event Response: Semiannual Cisco IOS Software Security Advisory Bundled Publication” at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html[“http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar13.html”]

Affected configurations

Vulners

Node

ciscoiosMatch15.2s

ciscoiosMatch15.2m

ciscoiosMatch15.2jaz

ciscocisco_iosMatch3.7sxe

ciscoiosMatch15.2\(4\)s

ciscoiosMatch15.2\(4\)s1

ciscoiosMatch15.2\(4\)s0c

ciscoiosMatch15.2\(4\)m

ciscoiosMatch15.2\(4\)m1

ciscoiosMatch15.2\(4\)m2

ciscoiosMatch15.2\(4\)jaz1

ciscocisco_iosMatch3.7.0sxe

ciscocisco_iosMatch3.7.1sxe

ciscocisco_iosMatch3.7.0bsxe

ciscocisco_iosMatch3.7.1asxe

CPENameOperatorVersion
ioseq15.2S
ioseq15.2M
ioseq15.2JAZ
cisco ios xe softwareeq3.7S
cisco ioseq15.2(4)S
cisco ioseq15.2(4)S1
cisco ioseq15.2(4)S0c
cisco ioseq15.2(4)M
cisco ioseq15.2(4)M1
cisco ioseq15.2(4)M2

Name	Operator	Version
ios	eq	15.2S
ios	eq	15.2M
ios	eq	15.2JAZ
cisco ios xe software	eq	3.7S
cisco ios	eq	15.2(4)S
cisco ios	eq	15.2(4)S1
cisco ios	eq	15.2(4)S0c
cisco ios	eq	15.2(4)M
cisco ios	eq	15.2(4)M1
cisco ios	eq	15.2(4)M2