Lucene search

CiscoCISCO-SA-20170927-NAT

HistorySep 27, 2017 - 4:00 p.m.

Cisco IOS Software Network Address Translation Denial of Service Vulnerability

2017-09-2716:00:00

tools.cisco.com

0.004 Low

EPSS

Percentile

72.4%

JSON

A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There is a workaround that addresses this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat”]

This advisory is part of the September 27, 2017, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 13 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2017 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-63410”].

Affected configurations

Vulners

Node

ciscoiosMatch15.2s

ciscoiosMatch15.1m

ciscoiosMatch15.2m

ciscoiosMatch15.3s

ciscoiosMatch15.4t

ciscoiosMatch15.2e

ciscoiosMatch15.4s

ciscoiosMatch15.3m

ciscoiosMatch15.4m

ciscoiosMatch15.5s

ciscoiosMatch15.5t

ciscoiosMatch15.5m

ciscoiosMatch12.4jap

ciscoiosMatch15.0sqd

ciscoiosMatch15.6s

ciscoiosMatch15.6t

ciscoiosMatch15.3jbb

ciscoiosMatch15.3jnc

ciscoiosMatch15.5xb

ciscoiosMatch15.6sp

ciscoiosMatch15.3jpb

ciscoiosMatch15.6m

ciscoiosMatch15.3jpc

ciscoiosMatch15.3jnd

ciscoiosMatch15.3jca

ciscoiosMatch15.3jpi

ciscoiosMatch15.3jpj

ciscoiosMatch15.3jpr

ciscoiosMatch15.2\(4\)s7

ciscoiosMatch15.2\(4\)s8

ciscoiosMatch15.1\(4\)m12a

ciscoiosMatch15.2\(4\)m8

ciscoiosMatch15.2\(4\)m10

ciscoiosMatch15.2\(4\)m9

ciscoiosMatch15.2\(4\)m11

ciscoiosMatch15.3\(3\)s6

ciscoiosMatch15.3\(3\)s7

ciscoiosMatch15.3\(3\)s8

ciscoiosMatch15.3\(3\)s6a

ciscoiosMatch15.3\(3\)s9

ciscoiosMatch15.3\(3\)s8a

ciscoiosMatch15.4\(1\)t4

ciscoiosMatch15.4\(2\)t4

ciscoiosMatch15.2\(2\)e3

ciscoiosMatch15.4\(3\)s3

ciscoiosMatch15.4\(1\)s4

ciscoiosMatch15.4\(2\)s4

ciscoiosMatch15.4\(3\)s4

ciscoiosMatch15.4\(3\)s5

ciscoiosMatch15.4\(3\)s6

ciscoiosMatch15.4\(3\)s7

ciscoiosMatch15.4\(3\)s6a

ciscoiosMatch15.3\(3\)m6

ciscoiosMatch15.3\(3\)m7

ciscoiosMatch15.3\(3\)m8

ciscoiosMatch15.3\(3\)m8a

ciscoiosMatch15.4\(3\)m3

ciscoiosMatch15.4\(3\)m4

ciscoiosMatch15.4\(3\)m5

ciscoiosMatch15.4\(3\)m6

ciscoiosMatch15.4\(3\)m6a

ciscoiosMatch15.4\(3\)m7a

ciscoiosMatch15.5\(2\)s

ciscoiosMatch15.5\(3\)s

ciscoiosMatch15.5\(1\)s2

ciscoiosMatch15.5\(1\)s3

ciscoiosMatch15.5\(2\)s1

ciscoiosMatch15.5\(2\)s2

ciscoiosMatch15.5\(3\)s1

ciscoiosMatch15.5\(3\)s1a

ciscoiosMatch15.5\(2\)s3

ciscoiosMatch15.5\(3\)s2

ciscoiosMatch15.5\(3\)s0a

ciscoiosMatch15.5\(3\)s3

ciscoiosMatch15.5\(1\)s4

ciscoiosMatch15.5\(2\)s4

ciscoiosMatch15.5\(3\)s4

ciscoiosMatch15.5\(3\)s5

ciscoiosMatch15.5\(2\)t

ciscoiosMatch15.5\(1\)t2

ciscoiosMatch15.5\(1\)t3

ciscoiosMatch15.5\(2\)t1

ciscoiosMatch15.5\(2\)t2

ciscoiosMatch15.5\(2\)t3

ciscoiosMatch15.5\(2\)t4

ciscoiosMatch15.5\(1\)t4

ciscoiosMatch15.5\(3\)m

ciscoiosMatch15.5\(3\)m1

ciscoiosMatch15.5\(3\)m0a

ciscoiosMatch15.5\(3\)m2

ciscoiosMatch15.5\(3\)m2a

ciscoiosMatch15.5\(3\)m3

ciscoiosMatch15.5\(3\)m4

ciscoiosMatch15.5\(3\)m4a

ciscoiosMatch15.5\(3\)m4b

ciscoiosMatch15.5\(3\)m4c

ciscoiosMatch12.4\(25e\)jap1n

ciscoiosMatch15.0\(2\)sqd7

ciscoiosMatch15.6\(1\)s

ciscoiosMatch15.6\(2\)s

ciscoiosMatch15.6\(2\)s1

ciscoiosMatch15.6\(1\)s1

ciscoiosMatch15.6\(1\)s2

ciscoiosMatch15.6\(2\)s2

ciscoiosMatch15.6\(1\)s3

ciscoiosMatch15.6\(2\)s3

ciscoiosMatch15.6\(1\)t

ciscoiosMatch15.6\(2\)t

ciscoiosMatch15.6\(1\)t0a

ciscoiosMatch15.6\(1\)t1

ciscoiosMatch15.6\(2\)t1

ciscoiosMatch15.6\(1\)t2

ciscoiosMatch15.6\(2\)t0a

ciscoiosMatch15.6\(2\)t2

ciscoiosMatch15.3\(3\)jbb6a

ciscoiosMatch15.3\(3\)jnc4

ciscoiosMatch15.5\(2\)xb

ciscoiosMatch15.6\(2\)sp

ciscoiosMatch15.6\(2\)sp1

ciscoiosMatch15.6\(2\)sp2

ciscoiosMatch15.3\(3\)jpb

ciscoiosMatch15.6\(3\)m

ciscoiosMatch15.6\(3\)m1

ciscoiosMatch15.6\(3\)m0a

ciscoiosMatch15.6\(3\)m1a

ciscoiosMatch15.6\(3\)m1b

ciscoiosMatch15.3\(3\)jpc3

ciscoiosMatch15.3\(3\)jnd2

ciscoiosMatch15.3\(3\)jca7

ciscoiosMatch15.3\(3\)jpi

ciscoiosMatch15.3\(3\)jpj

ciscoiosMatch15.3\(3\)jpr1

CPENameOperatorVersion
ioseq15.2S
ioseq15.1M
ioseq15.2M
ioseq15.3S
ioseq15.4T
ioseq15.2E
ioseq15.4S
ioseq15.3M
ioseq15.4M
ioseq15.5S

Name	Operator	Version
ios	eq	15.2S
ios	eq	15.1M
ios	eq	15.2M
ios	eq	15.3S
ios	eq	15.4T
ios	eq	15.2E
ios	eq	15.4S
ios	eq	15.3M
ios	eq	15.4M
ios	eq	15.5S

Rows per page:

1-10 of 1321

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat

0.004 Low

EPSS

Percentile

72.4%

JSON

Related for CISCO-SA-20170927-NAT