Lucene search

CiscoCISCO-SA-20190925-SIP-ALG

HistorySep 25, 2019 - 4:00 p.m.

Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability

2019-09-2516:00:00

tools.cisco.com

EPSS

0.001

Percentile

44.8%

JSON

A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.

The vulnerability is due to improper processing of transient SIP packets on which NAT is performed on an affected device. An attacker could exploit this vulnerability by using UDP port 5060 to send crafted SIP packets through an affected device that is performing NAT for SIP packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-alg [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-alg”]

This advisory is part of the September 25, 2019, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 13 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2019 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-72547”].

Affected configurations

Vulners

Node

ciscocisco_ios_xe_softwareMatch3.7s

ciscocisco_ios_xe_softwareMatch3.8s

ciscocisco_ios_xe_softwareMatch3.9s

ciscocisco_ios_xe_softwareMatch3.10s

ciscocisco_ios_xe_softwareMatch3.11s

ciscocisco_ios_xe_softwareMatch3.12s

ciscocisco_ios_xe_softwareMatch3.13s

ciscocisco_ios_xe_softwareMatch3.14s

ciscocisco_ios_xe_softwareMatch3.15s

ciscocisco_ios_xe_softwareMatch3.16s

ciscocisco_ios_xe_softwareMatch3.17s

ciscocisco_ios_xe_softwareMatch16.1

ciscocisco_ios_xe_softwareMatch16.2

ciscocisco_ios_xe_softwareMatch16.3

ciscocisco_ios_xe_softwareMatch16.4

ciscocisco_ios_xe_softwareMatch16.5

ciscocisco_ios_xe_softwareMatch3.18s

ciscocisco_ios_xe_softwareMatch16.6

ciscocisco_ios_xe_softwareMatch16.7

ciscocisco_ios_xe_softwareMatch16.8

ciscocisco_ios_xe_softwareMatch16.9

ciscocisco_ios_xe_softwareMatch16.10

ciscocisco_ios_xe_softwareMatch3.7.0s

ciscocisco_ios_xe_softwareMatch3.7.1s

ciscocisco_ios_xe_softwareMatch3.7.2s

ciscocisco_ios_xe_softwareMatch3.7.3s

ciscocisco_ios_xe_softwareMatch3.7.4s

ciscocisco_ios_xe_softwareMatch3.7.5s

ciscocisco_ios_xe_softwareMatch3.7.6s

ciscocisco_ios_xe_softwareMatch3.7.7s

ciscocisco_ios_xe_softwareMatch3.7.8s

ciscocisco_ios_xe_softwareMatch3.7.4as

ciscocisco_ios_xe_softwareMatch3.7.2ts

ciscocisco_ios_xe_softwareMatch3.7.0bs

ciscocisco_ios_xe_softwareMatch3.7.1as

ciscocisco_ios_xe_softwareMatch3.8.0s

ciscocisco_ios_xe_softwareMatch3.8.1s

ciscocisco_ios_xe_softwareMatch3.8.2s

ciscocisco_ios_xe_softwareMatch3.9.1s

ciscocisco_ios_xe_softwareMatch3.9.0s

ciscocisco_ios_xe_softwareMatch3.9.2s

ciscocisco_ios_xe_softwareMatch3.9.1as

ciscocisco_ios_xe_softwareMatch3.9.0as

ciscocisco_ios_xe_softwareMatch3.10.0s

ciscocisco_ios_xe_softwareMatch3.10.1s

ciscocisco_ios_xe_softwareMatch3.10.2s

ciscocisco_ios_xe_softwareMatch3.10.3s

ciscocisco_ios_xe_softwareMatch3.10.4s

ciscocisco_ios_xe_softwareMatch3.10.5s

ciscocisco_ios_xe_softwareMatch3.10.6s

ciscocisco_ios_xe_softwareMatch3.10.2as

ciscocisco_ios_xe_softwareMatch3.10.2ts

ciscocisco_ios_xe_softwareMatch3.10.7s

ciscocisco_ios_xe_softwareMatch3.10.8s

ciscocisco_ios_xe_softwareMatch3.10.8as

ciscocisco_ios_xe_softwareMatch3.10.9s

ciscocisco_ios_xe_softwareMatch3.10.10s

ciscocisco_ios_xe_softwareMatch3.11.1s

ciscocisco_ios_xe_softwareMatch3.11.2s

ciscocisco_ios_xe_softwareMatch3.11.0s

ciscocisco_ios_xe_softwareMatch3.11.3s

ciscocisco_ios_xe_softwareMatch3.11.4s

ciscocisco_ios_xe_softwareMatch3.12.0s

ciscocisco_ios_xe_softwareMatch3.12.1s

ciscocisco_ios_xe_softwareMatch3.12.2s

ciscocisco_ios_xe_softwareMatch3.12.3s

ciscocisco_ios_xe_softwareMatch3.12.0as

ciscocisco_ios_xe_softwareMatch3.12.4s

ciscocisco_ios_xe_softwareMatch3.13.0s

ciscocisco_ios_xe_softwareMatch3.13.1s

ciscocisco_ios_xe_softwareMatch3.13.2s

ciscocisco_ios_xe_softwareMatch3.13.3s

ciscocisco_ios_xe_softwareMatch3.13.4s

ciscocisco_ios_xe_softwareMatch3.13.5s

ciscocisco_ios_xe_softwareMatch3.13.2as

ciscocisco_ios_xe_softwareMatch3.13.0as

ciscocisco_ios_xe_softwareMatch3.13.5as

ciscocisco_ios_xe_softwareMatch3.13.6s

ciscocisco_ios_xe_softwareMatch3.13.7s

ciscocisco_ios_xe_softwareMatch3.13.6as

ciscocisco_ios_xe_softwareMatch3.13.6bs

ciscocisco_ios_xe_softwareMatch3.13.7as

ciscocisco_ios_xe_softwareMatch3.13.8s

ciscocisco_ios_xe_softwareMatch3.13.9s

ciscocisco_ios_xe_softwareMatch3.13.10s

ciscocisco_ios_xe_softwareMatch3.14.0s

ciscocisco_ios_xe_softwareMatch3.14.1s

ciscocisco_ios_xe_softwareMatch3.14.2s

ciscocisco_ios_xe_softwareMatch3.14.3s

ciscocisco_ios_xe_softwareMatch3.14.4s

ciscocisco_ios_xe_softwareMatch3.15.0s

ciscocisco_ios_xe_softwareMatch3.15.1s

ciscocisco_ios_xe_softwareMatch3.15.2s

ciscocisco_ios_xe_softwareMatch3.15.1cs

ciscocisco_ios_xe_softwareMatch3.15.3s

ciscocisco_ios_xe_softwareMatch3.15.4s

ciscocisco_ios_xe_softwareMatch3.16.0s

ciscocisco_ios_xe_softwareMatch3.16.1s

ciscocisco_ios_xe_softwareMatch3.16.0as

ciscocisco_ios_xe_softwareMatch3.16.1as

ciscocisco_ios_xe_softwareMatch3.16.2s

ciscocisco_ios_xe_softwareMatch3.16.2as

ciscocisco_ios_xe_softwareMatch3.16.0bs

ciscocisco_ios_xe_softwareMatch3.16.0cs

ciscocisco_ios_xe_softwareMatch3.16.3s

ciscocisco_ios_xe_softwareMatch3.16.2bs

ciscocisco_ios_xe_softwareMatch3.16.3as

ciscocisco_ios_xe_softwareMatch3.16.4s

ciscocisco_ios_xe_softwareMatch3.16.4as

ciscocisco_ios_xe_softwareMatch3.16.4bs

ciscocisco_ios_xe_softwareMatch3.16.4gs

ciscocisco_ios_xe_softwareMatch3.16.5s

ciscocisco_ios_xe_softwareMatch3.16.4cs

ciscocisco_ios_xe_softwareMatch3.16.4ds

ciscocisco_ios_xe_softwareMatch3.16.4es

ciscocisco_ios_xe_softwareMatch3.16.6s

ciscocisco_ios_xe_softwareMatch3.16.5as

ciscocisco_ios_xe_softwareMatch3.16.5bs

ciscocisco_ios_xe_softwareMatch3.16.7s

ciscocisco_ios_xe_softwareMatch3.16.6bs

ciscocisco_ios_xe_softwareMatch3.16.7as

ciscocisco_ios_xe_softwareMatch3.16.7bs

ciscocisco_ios_xe_softwareMatch3.16.8s

ciscocisco_ios_xe_softwareMatch3.17.0s

ciscocisco_ios_xe_softwareMatch3.17.1s

ciscocisco_ios_xe_softwareMatch3.17.2s

ciscocisco_ios_xe_softwareMatch3.17.1as

ciscocisco_ios_xe_softwareMatch3.17.3s

ciscocisco_ios_xe_softwareMatch3.17.4s

ciscocisco_ios_xe_softwareMatch16.1.1

ciscocisco_ios_xe_softwareMatch16.1.2

ciscocisco_ios_xe_softwareMatch16.1.3

ciscocisco_ios_xe_softwareMatch16.2.1

ciscocisco_ios_xe_softwareMatch16.2.2

ciscocisco_ios_xe_softwareMatch16.3.1

ciscocisco_ios_xe_softwareMatch16.3.2

ciscocisco_ios_xe_softwareMatch16.3.3

ciscocisco_ios_xe_softwareMatch16.3.1a

ciscocisco_ios_xe_softwareMatch16.3.4

ciscocisco_ios_xe_softwareMatch16.3.5

ciscocisco_ios_xe_softwareMatch16.3.5b

ciscocisco_ios_xe_softwareMatch16.3.6

ciscocisco_ios_xe_softwareMatch16.3.7

ciscocisco_ios_xe_softwareMatch16.4.1

ciscocisco_ios_xe_softwareMatch16.4.2

ciscocisco_ios_xe_softwareMatch16.4.3

ciscocisco_ios_xe_softwareMatch16.5.1

ciscocisco_ios_xe_softwareMatch16.5.1a

ciscocisco_ios_xe_softwareMatch16.5.1b

ciscocisco_ios_xe_softwareMatch16.5.2

ciscocisco_ios_xe_softwareMatch16.5.3

ciscocisco_ios_xe_softwareMatch3.18.0as

ciscocisco_ios_xe_softwareMatch3.18.0s

ciscocisco_ios_xe_softwareMatch3.18.1s

ciscocisco_ios_xe_softwareMatch3.18.2s

ciscocisco_ios_xe_softwareMatch3.18.3s

ciscocisco_ios_xe_softwareMatch3.18.4s

ciscocisco_ios_xe_softwareMatch16.6.1

ciscocisco_ios_xe_softwareMatch16.6.2

ciscocisco_ios_xe_softwareMatch16.6.3

ciscocisco_ios_xe_softwareMatch16.6.4

ciscocisco_ios_xe_softwareMatch16.6.5

ciscocisco_ios_xe_softwareMatch16.6.4s

ciscocisco_ios_xe_softwareMatch16.6.4a

ciscocisco_ios_xe_softwareMatch16.6.5a

ciscocisco_ios_xe_softwareMatch16.6.5b

ciscocisco_ios_xe_softwareMatch16.7.1

ciscocisco_ios_xe_softwareMatch16.7.1a

ciscocisco_ios_xe_softwareMatch16.7.1b

ciscocisco_ios_xe_softwareMatch16.7.2

ciscocisco_ios_xe_softwareMatch16.7.3

ciscocisco_ios_xe_softwareMatch16.7.4

ciscocisco_ios_xe_softwareMatch16.8.1

ciscocisco_ios_xe_softwareMatch16.8.1a

ciscocisco_ios_xe_softwareMatch16.8.1b

ciscocisco_ios_xe_softwareMatch16.8.1s

ciscocisco_ios_xe_softwareMatch16.8.1c

ciscocisco_ios_xe_softwareMatch16.8.1d

ciscocisco_ios_xe_softwareMatch16.8.2

ciscocisco_ios_xe_softwareMatch16.8.1e

ciscocisco_ios_xe_softwareMatch16.9.1

ciscocisco_ios_xe_softwareMatch16.9.2

ciscocisco_ios_xe_softwareMatch16.9.1a

ciscocisco_ios_xe_softwareMatch16.9.1b

ciscocisco_ios_xe_softwareMatch16.9.1s

ciscocisco_ios_xe_softwareMatch16.9.1c

ciscocisco_ios_xe_softwareMatch16.9.1d

ciscocisco_ios_xe_softwareMatch16.9.2a

ciscocisco_ios_xe_softwareMatch16.9.2s

ciscocisco_ios_xe_softwareMatch16.10.1

ciscocisco_ios_xe_softwareMatch16.10.1a

ciscocisco_ios_xe_softwareMatch16.10.1b

ciscocisco_ios_xe_softwareMatch16.10.1s

ciscocisco_ios_xe_softwareMatch16.10.1c

ciscocisco_ios_xe_softwareMatch16.10.1e

ciscocisco_ios_xe_softwareMatch16.10.1d

ciscocisco_ios_xe_softwareMatch16.10.1f

ciscocisco_ios_xe_softwareMatch16.10.1g

VendorProductVersionCPE
ciscocisco_ios_xe_software3.7scpe:2.3:a:cisco:cisco_ios_xe_software:3.7s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.8scpe:2.3:a:cisco:cisco_ios_xe_software:3.8s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.9scpe:2.3:a:cisco:cisco_ios_xe_software:3.9s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.10scpe:2.3:a:cisco:cisco_ios_xe_software:3.10s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.11scpe:2.3:a:cisco:cisco_ios_xe_software:3.11s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.12scpe:2.3:a:cisco:cisco_ios_xe_software:3.12s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.13scpe:2.3:a:cisco:cisco_ios_xe_software:3.13s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.14scpe:2.3:a:cisco:cisco_ios_xe_software:3.14s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.15scpe:2.3:a:cisco:cisco_ios_xe_software:3.15s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.16scpe:2.3:a:cisco:cisco_ios_xe_software:3.16s:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	cisco_ios_xe_software	3.7s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.7s:::::::*
cisco	cisco_ios_xe_software	3.8s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.8s:::::::*
cisco	cisco_ios_xe_software	3.9s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.9s:::::::*
cisco	cisco_ios_xe_software	3.10s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.10s:::::::*
cisco	cisco_ios_xe_software	3.11s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.11s:::::::*
cisco	cisco_ios_xe_software	3.12s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.12s:::::::*
cisco	cisco_ios_xe_software	3.13s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.13s:::::::*
cisco	cisco_ios_xe_software	3.14s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.14s:::::::*
cisco	cisco_ios_xe_software	3.15s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.15s:::::::*
cisco	cisco_ios_xe_software	3.16s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.16s:::::::*