Lucene search

CiscoCISCO-SA-20180926-SIP-ALG

HistorySep 26, 2018 - 4:00 p.m.

Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability

2018-09-2616:00:00

tools.cisco.com

147

0.003 Low

EPSS

Percentile

70.7%

JSON

A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.

The vulnerability is due to improper processing of SIP packets in transit while NAT is performed on an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted SIP packets via UDP port 5060 through an affected device that is performing NAT for SIP packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-sip-alg [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-sip-alg”]
This advisory is part of the September 26, 2018, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 13 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-69981”].

Affected configurations

Vulners

Node

ciscorvs4000_softwareMatch3.14s

ciscorvs4000_softwareMatch3.15s

ciscorvs4000_softwareMatch3.16s

ciscorvs4000_softwareMatch3.17s

ciscorvs4000_softwareMatch16.1

ciscorvs4000_softwareMatch16.2

ciscorvs4000_softwareMatch16.3

ciscorvs4000_softwareMatch16.4

ciscorvs4000_softwareMatch16.5

ciscorvs4000_softwareMatch3.18s

ciscorvs4000_softwareMatch3.18sp

ciscorvs4000_softwareMatch16.6

ciscorvs4000_softwareMatch16.7

ciscorvs4000_softwareMatch16.9

ciscorvs4000_softwareMatch3.14.0s

ciscorvs4000_softwareMatch3.14.1s

ciscorvs4000_softwareMatch3.14.2s

ciscorvs4000_softwareMatch3.14.3s

ciscorvs4000_softwareMatch3.14.4s

ciscorvs4000_softwareMatch3.15.0s

ciscorvs4000_softwareMatch3.15.1s

ciscorvs4000_softwareMatch3.15.2s

ciscorvs4000_softwareMatch3.15.1cs

ciscorvs4000_softwareMatch3.15.3s

ciscorvs4000_softwareMatch3.15.4s

ciscorvs4000_softwareMatch3.16.0s

ciscorvs4000_softwareMatch3.16.1s

ciscorvs4000_softwareMatch3.16.0as

ciscorvs4000_softwareMatch3.16.1as

ciscorvs4000_softwareMatch3.16.2s

ciscorvs4000_softwareMatch3.16.2as

ciscorvs4000_softwareMatch3.16.0bs

ciscorvs4000_softwareMatch3.16.0cs

ciscorvs4000_softwareMatch3.16.3s

ciscorvs4000_softwareMatch3.16.2bs

ciscorvs4000_softwareMatch3.16.3as

ciscorvs4000_softwareMatch3.16.4s

ciscorvs4000_softwareMatch3.16.4as

ciscorvs4000_softwareMatch3.16.4bs

ciscorvs4000_softwareMatch3.16.4gs

ciscorvs4000_softwareMatch3.16.5s

ciscorvs4000_softwareMatch3.16.4cs

ciscorvs4000_softwareMatch3.16.4ds

ciscorvs4000_softwareMatch3.16.4es

ciscorvs4000_softwareMatch3.16.6s

ciscorvs4000_softwareMatch3.16.5as

ciscorvs4000_softwareMatch3.16.5bs

ciscorvs4000_softwareMatch3.16.6bs

ciscorvs4000_softwareMatch3.17.0s

ciscorvs4000_softwareMatch3.17.1s

ciscorvs4000_softwareMatch3.17.2s

ciscorvs4000_softwareMatch3.17.1as

ciscorvs4000_softwareMatch3.17.3s

ciscorvs4000_softwareMatch3.17.4s

ciscorvs4000_softwareMatch16.1.1

ciscorvs4000_softwareMatch16.1.2

ciscorvs4000_softwareMatch16.1.3

ciscorvs4000_softwareMatch16.2.1

ciscorvs4000_softwareMatch16.2.2

ciscorvs4000_softwareMatch16.3.1

ciscorvs4000_softwareMatch16.3.2

ciscorvs4000_softwareMatch16.3.3

ciscorvs4000_softwareMatch16.3.1a

ciscorvs4000_softwareMatch16.3.4

ciscorvs4000_softwareMatch16.3.5

ciscorvs4000_softwareMatch16.3.5b

ciscorvs4000_softwareMatch16.4.1

ciscorvs4000_softwareMatch16.4.2

ciscorvs4000_softwareMatch16.4.3

ciscorvs4000_softwareMatch16.5.1

ciscorvs4000_softwareMatch16.5.1a

ciscorvs4000_softwareMatch16.5.1b

ciscorvs4000_softwareMatch16.5.2

ciscorvs4000_softwareMatch3.18.0as

ciscorvs4000_softwareMatch3.18.0s

ciscorvs4000_softwareMatch3.18.1s

ciscorvs4000_softwareMatch3.18.2s

ciscorvs4000_softwareMatch3.18.3s

ciscorvs4000_softwareMatch3.18.4s

ciscorvs4000_softwareMatch3.18.0sp

ciscorvs4000_softwareMatch3.18.1sp

ciscorvs4000_softwareMatch3.18.1asp

ciscorvs4000_softwareMatch3.18.1gsp

ciscorvs4000_softwareMatch3.18.1bsp

ciscorvs4000_softwareMatch3.18.1csp

ciscorvs4000_softwareMatch3.18.2sp

ciscorvs4000_softwareMatch3.18.1hsp

ciscorvs4000_softwareMatch3.18.2asp

ciscorvs4000_softwareMatch3.18.1isp

ciscorvs4000_softwareMatch3.18.3sp

ciscorvs4000_softwareMatch3.18.4sp

ciscorvs4000_softwareMatch3.18.3asp

ciscorvs4000_softwareMatch3.18.3bsp

ciscorvs4000_softwareMatch3.18.6sp

ciscorvs4000_softwareMatch16.6.1

ciscorvs4000_softwareMatch16.6.2

ciscorvs4000_softwareMatch16.7.1

ciscorvs4000_softwareMatch16.7.1a

ciscorvs4000_softwareMatch16.7.1b

ciscorvs4000_softwareMatch16.9.1b

CPENameOperatorVersion
cisco ios xe softwareeq3.14S
cisco ios xe softwareeq3.15S
cisco ios xe softwareeq3.16S
cisco ios xe softwareeq3.17S
cisco ios xe softwareeq16.1
cisco ios xe softwareeq16.2
cisco ios xe softwareeq16.3
cisco ios xe softwareeq16.4
cisco ios xe softwareeq16.5
cisco ios xe softwareeq3.18S

Name	Operator	Version
cisco ios xe software	eq	3.14S
cisco ios xe software	eq	3.15S
cisco ios xe software	eq	3.16S
cisco ios xe software	eq	3.17S
cisco ios xe software	eq	16.1
cisco ios xe software	eq	16.2
cisco ios xe software	eq	16.3
cisco ios xe software	eq	16.4
cisco ios xe software	eq	16.5
cisco ios xe software	eq	3.18S