Cisco IOS XR MPLS LDP Packet Processing Denial of Service Vulnerability

2015-06-24T18:24:17
ID CISCO-SA-20150624-CVE-2015-4223
Type cisco
Reporter Cisco
Modified 2015-06-24T18:24:11

Description

A vulnerability in the Multiprotocol Label Switching (MPLS) Label Distribution Protocol (LDP) packet processing feature of Cisco IOS XR could allow an unauthenticated, remote attacker to cause a reload of the MPLS LDP process on the affected device.

The vulnerability is due to improper processing of crafted MPLS LDP packets. An attacker could exploit this vulnerability by sending crafted MPLS LDP packets to be processed by an affected device. An exploit could allow the attacker to cause a reload of the MPLS LDP process on the affected device.

Cisco has confirmed the vulnerability and released software updates.

To exploit this vulnerability, an attacker may need to acquire additional information about the targeted device, such as whether the device is configured to process MPLS LDP packets. A device configured to process MPLS LDP packets is required for a successful exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.