A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco cBR-8 Converged Broadband Routers could allow an authenticated, remote attacker to overload a device punt path, resulting in a denial of service (DoS) condition.
This vulnerability is due to the punt path being overwhelmed by large quantities of SNMP requests. An attacker could exploit this vulnerability by sending a large number of SNMP requests to an affected device. A successful exploit could allow the attacker to overload the device punt path, resulting in a DoS condition.
Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbr8snmp-zGjkZ9Fc [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbr8snmp-zGjkZ9Fc”]
This advisory is part of the September 2021 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2021 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74581”]
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | cisco_ios_xe_software | 3.15s | cpe:2.3:a:cisco:cisco_ios_xe_software:3.15s:*:*:*:*:*:*:* |
cisco | cisco_ios_xe_software | 3.16s | cpe:2.3:a:cisco:cisco_ios_xe_software:3.16s:*:*:*:*:*:*:* |
cisco | cisco_ios_xe_software | 3.17s | cpe:2.3:a:cisco:cisco_ios_xe_software:3.17s:*:*:*:*:*:*:* |
cisco | cisco_ios_xe_software | 16.5 | cpe:2.3:a:cisco:cisco_ios_xe_software:16.5:*:*:*:*:*:*:* |
cisco | cisco_ios_xe_software | 3.18s | cpe:2.3:a:cisco:cisco_ios_xe_software:3.18s:*:*:*:*:*:*:* |
cisco | cisco_ios_xe_software | 3.18sp | cpe:2.3:a:cisco:cisco_ios_xe_software:3.18sp:*:*:*:*:*:*:* |
cisco | cisco_ios_xe_software | 16.7 | cpe:2.3:a:cisco:cisco_ios_xe_software:16.7:*:*:*:*:*:*:* |
cisco | cisco_ios_xe_software | 16.8 | cpe:2.3:a:cisco:cisco_ios_xe_software:16.8:*:*:*:*:*:*:* |
cisco | cisco_ios_xe_software | 16.9 | cpe:2.3:a:cisco:cisco_ios_xe_software:16.9:*:*:*:*:*:*:* |
cisco | cisco_ios_xe_software | 16.10 | cpe:2.3:a:cisco:cisco_ios_xe_software:16.10:*:*:*:*:*:*:* |