Cisco ASR 9000 Series Aggregation Services Routers tmp Files Denial of Service Vulnerability

2015-08-1122:36:59

tools.cisco.com

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

EPSS

Percentile

5.1%

JSON

A vulnerability in Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to produce excessive tmp/*config files, causing the system to become unresponsive.

The vulnerability is due to the abrupt closure of the user’s vty sessions after the commit/end in global configuration mode. An attacker could exploit this vulnerability by using methods to generate excessive tmp/*config files, causing the affected system’s memory to be exhausted, resulting in a denial of service (DoS) condition.

Cisco has confirmed the vulnerability and released software updates.

To exploit this vulnerability, an attacker must authenticate and have local access to the targeted device. These access requirements may reduce the likelihood of a successful exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Affected configurations

Vulners

Node

ciscoasr_9000_rsp440_routerMatchany

ciscoasr_9904Match9000_series_aggregation_services_routers

VendorProductVersionCPE
ciscoasr_9000_rsp440_routeranycpe:2.3:h:cisco:asr_9000_rsp440_router:any:*:*:*:*:*:*:*
ciscoasr_99049000_series_aggregation_services_routerscpe:2.3:h:cisco:asr_9904:9000_series_aggregation_services_routers:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	asr_9000_rsp440_router	any	cpe:2.3:h:cisco:asr_9000_rsp440_router:any:::::::*
cisco	asr_9904	9000_series_aggregation_services_routers	cpe:2.3:h:cisco:asr_9904:9000_series_aggregation_services_routers:::::::*