Cisco ASR 903 and ASR 920 Series Devices IPv6 Packet Processing Denial of Service Vulnerability CVE-2017-6603
- CVSSv3 Score
- Vulnerability description
A vulnerability in Cisco ASR 903 or ASR 920 Series Devices running with an RSP2 card could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on a targeted system.
- Risk description
The vulnerability is due to insufficient processing of IPv6 packets by the affected system. The system could push IPv6 traffic to the processor even when the device is not configured for IPv6, which could cause other control packets to be affected. A successful exploit could allow the attacker to cause a DoS condition on the system.
See the referenced vendor advisory for a solution.
- Not available