Lucene search

CiscoCISCO-SA-COPS-VLD-MPBTVGEW

HistorySep 24, 2020 - 4:00 p.m.

Cisco IOS XE Software Common Open Policy Service Engine Denial of Service Vulnerability

2020-09-2416:00:00

tools.cisco.com

0.002 Low

EPSS

Percentile

52.8%

JSON

A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a malformed COPS message to the device. A successful exploit could allow the attacker to crash the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-COPS-VLD-MpbTvGEW [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-COPS-VLD-MpbTvGEW”]

This advisory is part of the September 24, 2020, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 25 Cisco Security Advisories that describe 34 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2020 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74268”].

Affected configurations

Vulners

Node

ciscorvs4000_softwareMatch3.15s

ciscorvs4000_softwareMatch3.16s

ciscorvs4000_softwareMatch3.17s

ciscorvs4000_softwareMatch16.4

ciscorvs4000_softwareMatch16.5

ciscorvs4000_softwareMatch3.18s

ciscorvs4000_softwareMatch3.18sp

ciscorvs4000_softwareMatch16.6

ciscorvs4000_softwareMatch16.7

ciscorvs4000_softwareMatch16.8

ciscorvs4000_softwareMatch16.9

ciscorvs4000_softwareMatch16.10

ciscorvs4000_softwareMatch16.11

ciscorvs4000_softwareMatch16.12

ciscorvs4000_softwareMatch17.1

ciscorvs4000_softwareMatchany

ciscorvs4000_softwareMatch3.15.0s

ciscorvs4000_softwareMatch3.15.1s

ciscorvs4000_softwareMatch3.15.2s

ciscorvs4000_softwareMatch3.15.3s

ciscorvs4000_softwareMatch3.16.0s

ciscorvs4000_softwareMatch3.16.1s

ciscorvs4000_softwareMatch3.16.2s

ciscorvs4000_softwareMatch3.17.0s

ciscorvs4000_softwareMatch3.17.1s

ciscorvs4000_softwareMatch3.17.2s

ciscorvs4000_softwareMatch16.4.1

ciscorvs4000_softwareMatch16.5.1

ciscorvs4000_softwareMatch3.18.0as

ciscorvs4000_softwareMatch3.18.1s

ciscorvs4000_softwareMatch3.18.0sp

ciscorvs4000_softwareMatch3.18.1sp

ciscorvs4000_softwareMatch3.18.1asp

ciscorvs4000_softwareMatch3.18.2asp

ciscorvs4000_softwareMatch3.18.3sp

ciscorvs4000_softwareMatch3.18.4sp

ciscorvs4000_softwareMatch3.18.3asp

ciscorvs4000_softwareMatch3.18.3bsp

ciscorvs4000_softwareMatch3.18.5sp

ciscorvs4000_softwareMatch3.18.6sp

ciscorvs4000_softwareMatch16.6.1

ciscorvs4000_softwareMatch16.6.2

ciscorvs4000_softwareMatch16.7.1

ciscorvs4000_softwareMatch16.7.1a

ciscorvs4000_softwareMatch16.7.1b

ciscorvs4000_softwareMatch16.7.2

ciscorvs4000_softwareMatch16.7.3

ciscorvs4000_softwareMatch16.7.4

ciscorvs4000_softwareMatch16.8.1

ciscorvs4000_softwareMatch16.8.1d

ciscorvs4000_softwareMatch16.8.1e

ciscorvs4000_softwareMatch16.9.1

ciscorvs4000_softwareMatch16.9.1a

ciscorvs4000_softwareMatch16.10.1

ciscorvs4000_softwareMatch16.10.1c

ciscorvs4000_softwareMatch16.10.1d

ciscorvs4000_softwareMatch16.10.1f

ciscorvs4000_softwareMatch16.10.1g

ciscorvs4000_softwareMatch16.11.2

ciscorvs4000_softwareMatch16.12.1

ciscorvs4000_softwareMatch16.12.1w

ciscorvs4000_softwareMatch16.12.1y

ciscorvs4000_softwareMatch16.12.2s

ciscorvs4000_softwareMatch16.12.1x

ciscorvs4000_softwareMatch16.12.2t

ciscorvs4000_softwareMatch17.1.1

ciscorvs4000_softwareMatch17.1.1s

ciscorvs4000_softwareMatch17.1.1t

ciscorvs4000_softwareMatchany

CPENameOperatorVersion
cisco ios xe softwareeq3.15S
cisco ios xe softwareeq3.16S
cisco ios xe softwareeq3.17S
cisco ios xe softwareeq16.4
cisco ios xe softwareeq16.5
cisco ios xe softwareeq3.18S
cisco ios xe softwareeq3.18SP
cisco ios xe softwareeq16.6
cisco ios xe softwareeq16.7
cisco ios xe softwareeq16.8

Name	Operator	Version
cisco ios xe software	eq	3.15S
cisco ios xe software	eq	3.16S
cisco ios xe software	eq	3.17S
cisco ios xe software	eq	16.4
cisco ios xe software	eq	16.5
cisco ios xe software	eq	3.18S
cisco ios xe software	eq	3.18SP
cisco ios xe software	eq	16.6
cisco ios xe software	eq	16.7
cisco ios xe software	eq	16.8