Lucene search

K
ciscoCiscoCISCO-SA-20180328-FIB-DOS
HistoryMar 28, 2018 - 4:00 p.m.

Cisco IOS and IOS XE Software Forwarding Information Base Denial of Service Vulnerability

2018-03-2816:00:00
tools.cisco.com
24

0.001 Low

EPSS

Percentile

34.4%

A vulnerability in the Forwarding Information Base (FIB) code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, network attacker to cause a denial of service (DoS) condition.

The vulnerability is due to a limitation in the way the FIB is internally representing recursive routes. An attacker could exploit this vulnerability by injecting routes into the routing protocol that have a specific recursive pattern. The attacker must be in a position on the network that provides the ability to inject a number of recursive routes with a specific pattern. An exploit could allow the attacker to cause an affected device to reload, creating a DoS condition.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-FIB-dos [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-FIB-dos”]

Affected configurations

Vulners
Node
ciscoiosMatchany
OR
ciscoios_xeMatchany
OR
ciscocisco_iosMatchany
OR
ciscoios_xeMatchany

0.001 Low

EPSS

Percentile

34.4%

Related for CISCO-SA-20180328-FIB-DOS