Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerabilities

2015-03-25T16:00:00
ID CISCO-SA-20150325-IKEV2
Type cisco
Reporter Cisco
Modified 2016-12-07T17:03:49

Description

A vulnerability in the IKEv2 module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service by memory depletion.

The vulnerability is due to improper management of system resources. An attacker could exploit this vulnerability by crafting IKEv2 negotiations. An exploit could allow the attacker to cause a denial of service.

A vulnerability in the IKEv2 module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service condition.

The vulnerability is due to improper processing of malformed fields submitted as part of an IKE version 2 packet. An attacker could exploit this vulnerability by submitting malformed IKE packets to an affected device designed to trigger the issue. An exploit could allow the attacker to cause a denial of service condition.

Devices running Cisco IOS Software or IOS XE Software contain vulnerabilities within the Internet Key Exchange (IKE) version 2 subsystem that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerabilities are due to how an affected device processes certain malformed IKEv2 packets. An attacker could exploit these vulnerabilities by sending malformed IKEv2 packets to an affected device to be processed. A successful exploit could allow the attacker to cause a reload of the affected device or excessive consumption of resources that would lead to a DoS condition. IKEv2 is automatically enabled on devices running Cisco IOS and Cisco IOS XE Software when the Internet Security Association and Key Management Protocol (ISAKMP) is enabled. These vulnerabilities can only be triggered by sending malformed IKEv2 packets.

There are no workarounds for the vulnerabilities described in this advisory. Cisco has released software updates that address these vulnerabilities.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ikev2 ["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ikev2"]

Note: The March 25, 2015, Cisco IOS & XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS & XE Software Security Advisory Bundled Publication at the following link: http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html ["http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html"]