Lucene search

CiscoCISCO-SA-20180926-SIP-ALG

HistorySep 26, 2018 - 4:00 p.m.

Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability

2018-09-2616:00:00

tools.cisco.com

151

EPSS

0.003

Percentile

70.0%

JSON

A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.

The vulnerability is due to improper processing of SIP packets in transit while NAT is performed on an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted SIP packets via UDP port 5060 through an affected device that is performing NAT for SIP packets. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-sip-alg [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-sip-alg”]
This advisory is part of the September 26, 2018, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 13 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-69981”].

Affected configurations

Vulners

Node

ciscocisco_ios_xe_softwareMatch3.14s

ciscocisco_ios_xe_softwareMatch3.15s

ciscocisco_ios_xe_softwareMatch3.16s

ciscocisco_ios_xe_softwareMatch3.17s

ciscocisco_ios_xe_softwareMatch16.1

ciscocisco_ios_xe_softwareMatch16.2

ciscocisco_ios_xe_softwareMatch16.3

ciscocisco_ios_xe_softwareMatch16.4

ciscocisco_ios_xe_softwareMatch16.5

ciscocisco_ios_xe_softwareMatch3.18s

ciscocisco_ios_xe_softwareMatch3.18sp

ciscocisco_ios_xe_softwareMatch16.6

ciscocisco_ios_xe_softwareMatch16.7

ciscocisco_ios_xe_softwareMatch16.9

ciscocisco_ios_xe_softwareMatch3.14.0s

ciscocisco_ios_xe_softwareMatch3.14.1s

ciscocisco_ios_xe_softwareMatch3.14.2s

ciscocisco_ios_xe_softwareMatch3.14.3s

ciscocisco_ios_xe_softwareMatch3.14.4s

ciscocisco_ios_xe_softwareMatch3.15.0s

ciscocisco_ios_xe_softwareMatch3.15.1s

ciscocisco_ios_xe_softwareMatch3.15.2s

ciscocisco_ios_xe_softwareMatch3.15.1cs

ciscocisco_ios_xe_softwareMatch3.15.3s

ciscocisco_ios_xe_softwareMatch3.15.4s

ciscocisco_ios_xe_softwareMatch3.16.0s

ciscocisco_ios_xe_softwareMatch3.16.1s

ciscocisco_ios_xe_softwareMatch3.16.0as

ciscocisco_ios_xe_softwareMatch3.16.1as

ciscocisco_ios_xe_softwareMatch3.16.2s

ciscocisco_ios_xe_softwareMatch3.16.2as

ciscocisco_ios_xe_softwareMatch3.16.0bs

ciscocisco_ios_xe_softwareMatch3.16.0cs

ciscocisco_ios_xe_softwareMatch3.16.3s

ciscocisco_ios_xe_softwareMatch3.16.2bs

ciscocisco_ios_xe_softwareMatch3.16.3as

ciscocisco_ios_xe_softwareMatch3.16.4s

ciscocisco_ios_xe_softwareMatch3.16.4as

ciscocisco_ios_xe_softwareMatch3.16.4bs

ciscocisco_ios_xe_softwareMatch3.16.4gs

ciscocisco_ios_xe_softwareMatch3.16.5s

ciscocisco_ios_xe_softwareMatch3.16.4cs

ciscocisco_ios_xe_softwareMatch3.16.4ds

ciscocisco_ios_xe_softwareMatch3.16.4es

ciscocisco_ios_xe_softwareMatch3.16.6s

ciscocisco_ios_xe_softwareMatch3.16.5as

ciscocisco_ios_xe_softwareMatch3.16.5bs

ciscocisco_ios_xe_softwareMatch3.16.6bs

ciscocisco_ios_xe_softwareMatch3.17.0s

ciscocisco_ios_xe_softwareMatch3.17.1s

ciscocisco_ios_xe_softwareMatch3.17.2s

ciscocisco_ios_xe_softwareMatch3.17.1as

ciscocisco_ios_xe_softwareMatch3.17.3s

ciscocisco_ios_xe_softwareMatch3.17.4s

ciscocisco_ios_xe_softwareMatch16.1.1

ciscocisco_ios_xe_softwareMatch16.1.2

ciscocisco_ios_xe_softwareMatch16.1.3

ciscocisco_ios_xe_softwareMatch16.2.1

ciscocisco_ios_xe_softwareMatch16.2.2

ciscocisco_ios_xe_softwareMatch16.3.1

ciscocisco_ios_xe_softwareMatch16.3.2

ciscocisco_ios_xe_softwareMatch16.3.3

ciscocisco_ios_xe_softwareMatch16.3.1a

ciscocisco_ios_xe_softwareMatch16.3.4

ciscocisco_ios_xe_softwareMatch16.3.5

ciscocisco_ios_xe_softwareMatch16.3.5b

ciscocisco_ios_xe_softwareMatch16.4.1

ciscocisco_ios_xe_softwareMatch16.4.2

ciscocisco_ios_xe_softwareMatch16.4.3

ciscocisco_ios_xe_softwareMatch16.5.1

ciscocisco_ios_xe_softwareMatch16.5.1a

ciscocisco_ios_xe_softwareMatch16.5.1b

ciscocisco_ios_xe_softwareMatch16.5.2

ciscocisco_ios_xe_softwareMatch3.18.0as

ciscocisco_ios_xe_softwareMatch3.18.0s

ciscocisco_ios_xe_softwareMatch3.18.1s

ciscocisco_ios_xe_softwareMatch3.18.2s

ciscocisco_ios_xe_softwareMatch3.18.3s

ciscocisco_ios_xe_softwareMatch3.18.4s

ciscocisco_ios_xe_softwareMatch3.18.0sp

ciscocisco_ios_xe_softwareMatch3.18.1sp

ciscocisco_ios_xe_softwareMatch3.18.1asp

ciscocisco_ios_xe_softwareMatch3.18.1gsp

ciscocisco_ios_xe_softwareMatch3.18.1bsp

ciscocisco_ios_xe_softwareMatch3.18.1csp

ciscocisco_ios_xe_softwareMatch3.18.2sp

ciscocisco_ios_xe_softwareMatch3.18.1hsp

ciscocisco_ios_xe_softwareMatch3.18.2asp

ciscocisco_ios_xe_softwareMatch3.18.1isp

ciscocisco_ios_xe_softwareMatch3.18.3sp

ciscocisco_ios_xe_softwareMatch3.18.4sp

ciscocisco_ios_xe_softwareMatch3.18.3asp

ciscocisco_ios_xe_softwareMatch3.18.3bsp

ciscocisco_ios_xe_softwareMatch3.18.6sp

ciscocisco_ios_xe_softwareMatch16.6.1

ciscocisco_ios_xe_softwareMatch16.6.2

ciscocisco_ios_xe_softwareMatch16.7.1

ciscocisco_ios_xe_softwareMatch16.7.1a

ciscocisco_ios_xe_softwareMatch16.7.1b

ciscocisco_ios_xe_softwareMatch16.9.1b

VendorProductVersionCPE
ciscocisco_ios_xe_software3.14scpe:2.3:a:cisco:cisco_ios_xe_software:3.14s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.15scpe:2.3:a:cisco:cisco_ios_xe_software:3.15s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.16scpe:2.3:a:cisco:cisco_ios_xe_software:3.16s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.17scpe:2.3:a:cisco:cisco_ios_xe_software:3.17s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.1cpe:2.3:a:cisco:cisco_ios_xe_software:16.1:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.2cpe:2.3:a:cisco:cisco_ios_xe_software:16.2:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.3cpe:2.3:a:cisco:cisco_ios_xe_software:16.3:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.4cpe:2.3:a:cisco:cisco_ios_xe_software:16.4:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.5cpe:2.3:a:cisco:cisco_ios_xe_software:16.5:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.18scpe:2.3:a:cisco:cisco_ios_xe_software:3.18s:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	cisco_ios_xe_software	3.14s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.14s:::::::*
cisco	cisco_ios_xe_software	3.15s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.15s:::::::*
cisco	cisco_ios_xe_software	3.16s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.16s:::::::*
cisco	cisco_ios_xe_software	3.17s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.17s:::::::*
cisco	cisco_ios_xe_software	16.1	cpe:2.3:a:cisco:cisco_ios_xe_software:16.1:::::::*
cisco	cisco_ios_xe_software	16.2	cpe:2.3:a:cisco:cisco_ios_xe_software:16.2:::::::*
cisco	cisco_ios_xe_software	16.3	cpe:2.3:a:cisco:cisco_ios_xe_software:16.3:::::::*
cisco	cisco_ios_xe_software	16.4	cpe:2.3:a:cisco:cisco_ios_xe_software:16.4:::::::*
cisco	cisco_ios_xe_software	16.5	cpe:2.3:a:cisco:cisco_ios_xe_software:16.5:::::::*
cisco	cisco_ios_xe_software	3.18s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.18s:::::::*