Cisco 1000 Series Connected Grid Routers SNMP BRIDGE MIB Denial of Service Vulnerability

A vulnerability in the Simple Network Management Protocol (SNMP) BRIDGE Management Information Base (MIB) of the Cisco 1000 Series Connected Grid Routers could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability is due to a faulty implementation of certain SNMP Object Identifiers (OIDs) within the BRIDGE MIB. An SNMP request for certain Object Identifiers (OIDs) within the BRIDGE MIB can cause the device to reload unexpectedly. If an attacker knows the SNMP community string, the attacker could exploit this vulnerability by performing an authenticated SNMP request of the BRIDGE MIB OID to an affected device. An exploit could allow the attacker to cause the affected device to reload with each SNMP request, creating a DoS condition.

Cisco has released not software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160216-grid[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160216-grid”]