Lucene search

CiscoCISCO-SA-CBR8SNMP-ZGJKZ9FC

HistorySep 22, 2021 - 4:00 p.m.

Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers Simple Network Management Protocol Denial of Service Vulnerability

2021-09-2216:00:00

tools.cisco.com

cisco cbr-8

snmp

denial of service

EPSS

0.001

Percentile

44.3%

JSON

A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco cBR-8 Converged Broadband Routers could allow an authenticated, remote attacker to overload a device punt path, resulting in a denial of service (DoS) condition.

This vulnerability is due to the punt path being overwhelmed by large quantities of SNMP requests. An attacker could exploit this vulnerability by sending a large number of SNMP requests to an affected device. A successful exploit could allow the attacker to overload the device punt path, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbr8snmp-zGjkZ9Fc [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbr8snmp-zGjkZ9Fc”]

This advisory is part of the September 2021 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2021 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74581”]

Affected configurations

Vulners

Node

ciscocisco_ios_xe_softwareMatch3.15s

ciscocisco_ios_xe_softwareMatch3.16s

ciscocisco_ios_xe_softwareMatch3.17s

ciscocisco_ios_xe_softwareMatch16.5

ciscocisco_ios_xe_softwareMatch3.18s

ciscocisco_ios_xe_softwareMatch3.18sp

ciscocisco_ios_xe_softwareMatch16.7

ciscocisco_ios_xe_softwareMatch16.8

ciscocisco_ios_xe_softwareMatch16.9

ciscocisco_ios_xe_softwareMatch16.10

ciscocisco_ios_xe_softwareMatch16.12

ciscocisco_ios_xe_softwareMatch17.2

ciscocisco_ios_xe_softwareMatchany

ciscocisco_ios_xe_softwareMatch3.15.0s

ciscocisco_ios_xe_softwareMatch3.15.1s

ciscocisco_ios_xe_softwareMatch3.15.2s

ciscocisco_ios_xe_softwareMatch3.15.3s

ciscocisco_ios_xe_softwareMatch3.16.0s

ciscocisco_ios_xe_softwareMatch3.16.1s

ciscocisco_ios_xe_softwareMatch3.16.2s

ciscocisco_ios_xe_softwareMatch3.17.0s

ciscocisco_ios_xe_softwareMatch3.17.1s

ciscocisco_ios_xe_softwareMatch3.17.2s

ciscocisco_ios_xe_softwareMatch16.5.1

ciscocisco_ios_xe_softwareMatch3.18.0as

ciscocisco_ios_xe_softwareMatch3.18.0s

ciscocisco_ios_xe_softwareMatch3.18.1s

ciscocisco_ios_xe_softwareMatch3.18.0sp

ciscocisco_ios_xe_softwareMatch3.18.1sp

ciscocisco_ios_xe_softwareMatch3.18.1asp

ciscocisco_ios_xe_softwareMatch3.18.2asp

ciscocisco_ios_xe_softwareMatch3.18.3sp

ciscocisco_ios_xe_softwareMatch3.18.4sp

ciscocisco_ios_xe_softwareMatch3.18.3asp

ciscocisco_ios_xe_softwareMatch3.18.3bsp

ciscocisco_ios_xe_softwareMatch3.18.5sp

ciscocisco_ios_xe_softwareMatch3.18.6sp

ciscocisco_ios_xe_softwareMatch16.7.1

ciscocisco_ios_xe_softwareMatch16.7.1a

ciscocisco_ios_xe_softwareMatch16.7.1b

ciscocisco_ios_xe_softwareMatch16.7.2

ciscocisco_ios_xe_softwareMatch16.7.3

ciscocisco_ios_xe_softwareMatch16.7.4

ciscocisco_ios_xe_softwareMatch16.8.1

ciscocisco_ios_xe_softwareMatch16.8.1d

ciscocisco_ios_xe_softwareMatch16.8.1e

ciscocisco_ios_xe_softwareMatch16.9.1

ciscocisco_ios_xe_softwareMatch16.9.1a

ciscocisco_ios_xe_softwareMatch16.10.1

ciscocisco_ios_xe_softwareMatch16.10.1c

ciscocisco_ios_xe_softwareMatch16.10.1d

ciscocisco_ios_xe_softwareMatch16.10.1f

ciscocisco_ios_xe_softwareMatch16.10.1g

ciscocisco_ios_xe_softwareMatch16.12.1

ciscocisco_ios_xe_softwareMatch16.12.1w

ciscocisco_ios_xe_softwareMatch16.12.1y

ciscocisco_ios_xe_softwareMatch16.12.1x

ciscocisco_ios_xe_softwareMatch16.12.1z

ciscocisco_ios_xe_softwareMatch17.2.1

ciscocisco_ios_xe_softwareMatchany

VendorProductVersionCPE
ciscocisco_ios_xe_software3.15scpe:2.3:a:cisco:cisco_ios_xe_software:3.15s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.16scpe:2.3:a:cisco:cisco_ios_xe_software:3.16s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.17scpe:2.3:a:cisco:cisco_ios_xe_software:3.17s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.5cpe:2.3:a:cisco:cisco_ios_xe_software:16.5:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.18scpe:2.3:a:cisco:cisco_ios_xe_software:3.18s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.18spcpe:2.3:a:cisco:cisco_ios_xe_software:3.18sp:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.7cpe:2.3:a:cisco:cisco_ios_xe_software:16.7:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.8cpe:2.3:a:cisco:cisco_ios_xe_software:16.8:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.9cpe:2.3:a:cisco:cisco_ios_xe_software:16.9:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.10cpe:2.3:a:cisco:cisco_ios_xe_software:16.10:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	cisco_ios_xe_software	3.15s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.15s:::::::*
cisco	cisco_ios_xe_software	3.16s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.16s:::::::*
cisco	cisco_ios_xe_software	3.17s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.17s:::::::*
cisco	cisco_ios_xe_software	16.5	cpe:2.3:a:cisco:cisco_ios_xe_software:16.5:::::::*
cisco	cisco_ios_xe_software	3.18s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.18s:::::::*
cisco	cisco_ios_xe_software	3.18sp	cpe:2.3:a:cisco:cisco_ios_xe_software:3.18sp:::::::*
cisco	cisco_ios_xe_software	16.7	cpe:2.3:a:cisco:cisco_ios_xe_software:16.7:::::::*
cisco	cisco_ios_xe_software	16.8	cpe:2.3:a:cisco:cisco_ios_xe_software:16.8:::::::*
cisco	cisco_ios_xe_software	16.9	cpe:2.3:a:cisco:cisco_ios_xe_software:16.9:::::::*
cisco	cisco_ios_xe_software	16.10	cpe:2.3:a:cisco:cisco_ios_xe_software:16.10:::::::*