Detections
Analytics

Cisco ASR StarOS Border Gateway Protocol Process DoS (cisco-sa-20170705-staros)

high Nessus Plugin ID 101529

Language:

Synopsis

The remote device is affected by a denial of service vulnerability.

Description

According to its self-reported version and model number, the remote Cisco ASR device is affected by a denial of service vulnerability in StarOS in the Border Gateway Protocol (BGP) processing functionality due to improper boundary controls for the peering sessions list. An unauthenticated, remote attacker can exploit this, via specially crafted TCP packets, to cause the BGP process to reload.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvc44968.

See Also

http://www.nessus.org/u?0decdaed

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvc44968

Plugin Details

Severity: High

ID: 101529

File Name: cisco-sa-20170705-staros.nasl

Version: 1.8

Type: local

Family: CISCO

Published: 7/13/2017

Updated: 11/12/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2017-6729

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:staros, cpe:/h:cisco:asr_5000, cpe:/a:cisco:asr_5000_series_software

Required KB Items: Host/Cisco/ASR/Model, Host/Cisco/StarOS

Exploit Ease: No known exploits are available

Patch Publication Date: 7/5/2017

Vulnerability Publication Date: 7/5/2017

Reference Information

CVE: CVE-2017-6729

CISCO-SA: cisco-sa-20170705-staros

CISCO-BUG-ID: CSCvc44968