Cisco ASR 5000 Series Aggregation Services Routers GGSN Gateway Redirect Vulnerability

A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device.

The vulnerability exists because the affected device does not sufficiently validate HTTP traffic that contains one or more packets with additional bytes at the end of the packet. An attacker could exploit this vulnerability by changing the properties of a payload in HTTP traffic that is sent to an affected device. A successful exploit could allow the attacker to pipeline requests through an affected device without verifying and accounting for the requests.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr”]