Cisco StarOS Border Gateway Protocol Process Denial of Service Vulnerability

2017-07-05T16:00:00
ID CISCO-SA-20170705-STAROS
Type cisco
Reporter Cisco
Modified 2017-07-03T16:37:14

Description

A vulnerability in the Border Gateway Protocol (BGP) processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core (VPC) Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reload, resulting in a denial of service (DoS) condition.

The vulnerability is due to improper boundary controls for the BGP peering sessions list. An attacker could exploit this vulnerability by sending crafted TCP packets to an IPv4 or IPv6 interface on an affected system, if BGP is enabled for the system. By default, BGP is not enabled on the affected systems.

There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-staros ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-staros"]