Cisco Network Convergence System 5500 Series Routers Local Denial of Service Vulnerability (cisco-sa-20170607-ncs) CVE-2017-6666

CVSSv3 Score
Vulnerability description

A vulnerability in the forwarding component of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an authenticated, local attacker to cause the router to stop forwarding data traffic across Traffic Engineering tunnels, resulting in a denial of service (DoS) condition.

Risk description

The vulnerability occurs because adjacency information for a Traffic Engineering tunnel's physical source interface is not propagated to hardware after the adjacency is lost. This information needs to be relearned. An attacker could exploit this vulnerability by logging in to the router's CLI with administrator privileges and issuing the clear arp-cache command. A local attacker may cause a denial of service condition.


See the referenced vendor advisory for a solution.

Not available
Detectable with
Network Scanner
Scan engine
Exploitable with Sniper
CVE Published
Jun 13, 2017
Detection added at
Software Type
Not available
Not available
Not available