Cisco ASR 5000 Series ipsecmgr Service DoS (cisco-sa-20161116-asr)

high Nessus Plugin ID 95538

Synopsis

The remote device is affected by a denial of service vulnerability.

Description

The remote Cisco ASR 5000 Series device is affected by a denial of service vulnerability in the ipsecmgr service of StarOS due to improper processing of Internet Key Exchange (IKE) messages. An unauthenticated, remote attacker can exploit this vulnerability, via specially crafted IKE messages, to cause a reload of the ipsecmgr service, resulting in all active IPSEC tunnels being terminated and preventing new tunnels from establishing until the service has restarted.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCva13631.

See Also

http://www.nessus.org/u?fd9e6b40

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCva13631

Plugin Details

Severity: High

ID: 95538

File Name: cisco-sa-20161116-asr.nasl

Version: 1.5

Type: local

Family: CISCO

Published: 12/5/2016

Updated: 8/7/2020

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2016-6466

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:staros, cpe:/h:cisco:asr_5000

Required KB Items: Host/Cisco/ASR/Model, Host/Cisco/StarOS

Exploit Ease: No known exploits are available

Patch Publication Date: 11/16/2016

Vulnerability Publication Date: 11/16/2016

Reference Information

CVE: CVE-2016-6466

BID: 94361

CISCO-SA: cisco-sa-20161116-asr

IAVB: 2016-B-0168-S

CISCO-BUG-ID: CSCva13631