Cisco Network Convergence System 5500 Series Routers Local Denial of Service Vulnerability (cisco-sa-20170607-ncs) CVE-2017-6666
- CVSSv3 Score
- Vulnerability description
A vulnerability in the forwarding component of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an authenticated, local attacker to cause the router to stop forwarding data traffic across Traffic Engineering tunnels, resulting in a denial of service (DoS) condition.
- Risk description
The vulnerability occurs because adjacency information for a Traffic Engineering tunnel's physical source interface is not propagated to hardware after the adjacency is lost. This information needs to be relearned. An attacker could exploit this vulnerability by logging in to the router's CLI with administrator privileges and issuing the clear arp-cache command. A local attacker may cause a denial of service condition.
See the referenced vendor advisory for a solution.
- Not available