Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability (cisco-sa-20190515-iosxr-evpn-dos)

medium Nessus Plugin ID 133726

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its self-reported version, Cisco IOS XR Software is affected by a vulnerability in the Border Gateway Protocol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device.
The vulnerability is due to a logic error that occurs when the affected software processes specific EVPN routing information. An attacker could exploit this vulnerability by injecting malicious traffic patterns into the targeted EVPN network. A successful exploit could result in a crash of the l2vpn_mgr process on Provider Edge (PE) device members of the same EVPN instance (EVI). On each of the affected devices, a crash could lead to system instability and the inability to process or forward traffic through the device, resulting in a DoS condition that would require manual intervention to restore normal operating conditions.

Please see the included Cisco BIDs and Cisco Security Advisory for more information

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvk35997

See Also

http://www.nessus.org/u?79d65f6d

http://www.nessus.org/u?f37c1289

Plugin Details

Severity: Medium

ID: 133726

File Name: cisco-sa-20190515-iosxr-evpn-dos.nasl

Version: 1.8

Type: combined

Family: CISCO

Published: 2/18/2020

Updated: 5/7/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 4.5

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2019-1849

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios_xr

Required KB Items: Host/Cisco/IOS-XR/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 5/15/2019

Vulnerability Publication Date: 5/16/2019

Reference Information

CVE: CVE-2019-1849

BID: 108342