Lucene search

CiscoCISCO-SA-ASR920-ABJCLMEF

HistoryJun 03, 2020 - 4:00 p.m.

Cisco ASR 920 Series Aggregation Services Router Model 12SZ-IM SNMP Denial of Service Vulnerability

2020-06-0316:00:00

tools.cisco.com

0.001 Low

EPSS

Percentile

50.6%

JSON

A vulnerability in the Simple Network Management Protocol (SNMP) implementation in Cisco ASR 920 Series Aggregation Services Router model ASR920-12SZ-IM could allow an authenticated, remote attacker to cause the device to reload.

The vulnerability is due to incorrect handling of data that is returned for Cisco Discovery Protocol queries to SNMP. An attacker could exploit this vulnerability by sending a request for Cisco Discovery Protocol information by using SNMP. An exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr920-ABjcLmef [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr920-ABjcLmef”]

Affected configurations

Vulners

Node

ciscorvs4000_softwareMatch3.16s

ciscorvs4000_softwareMatch3.17s

ciscorvs4000_softwareMatch16.5

ciscorvs4000_softwareMatch3.18s

ciscorvs4000_softwareMatch3.18sp

ciscorvs4000_softwareMatch16.6

ciscorvs4000_softwareMatch16.7

ciscorvs4000_softwareMatch16.8

ciscorvs4000_softwareMatch16.9

ciscoasr_900_series_softwareMatchany

ciscorvs4000_softwareMatch3.16.0s

ciscorvs4000_softwareMatch3.16.1as

ciscorvs4000_softwareMatch3.16.2as

ciscorvs4000_softwareMatch3.16.3as

ciscorvs4000_softwareMatch3.16.4s

ciscorvs4000_softwareMatch3.16.4bs

ciscorvs4000_softwareMatch3.16.5s

ciscorvs4000_softwareMatch3.16.6s

ciscorvs4000_softwareMatch3.16.5as

ciscorvs4000_softwareMatch3.16.7s

ciscorvs4000_softwareMatch3.16.6bs

ciscorvs4000_softwareMatch3.16.7bs

ciscorvs4000_softwareMatch3.16.8s

ciscorvs4000_softwareMatch3.16.9s

ciscorvs4000_softwareMatch3.16.10s

ciscorvs4000_softwareMatch3.17.0s

ciscorvs4000_softwareMatch3.17.1s

ciscorvs4000_softwareMatch3.17.2s

ciscorvs4000_softwareMatch3.17.3s

ciscorvs4000_softwareMatch3.17.4s

ciscorvs4000_softwareMatch16.5.1

ciscorvs4000_softwareMatch16.5.2

ciscorvs4000_softwareMatch16.5.3

ciscorvs4000_softwareMatch3.18.0s

ciscorvs4000_softwareMatch3.18.1s

ciscorvs4000_softwareMatch3.18.2s

ciscorvs4000_softwareMatch3.18.3s

ciscorvs4000_softwareMatch3.18.4s

ciscorvs4000_softwareMatch3.18.0sp

ciscorvs4000_softwareMatch3.18.1sp

ciscorvs4000_softwareMatch3.18.1gsp

ciscorvs4000_softwareMatch3.18.2sp

ciscorvs4000_softwareMatch3.18.1hsp

ciscorvs4000_softwareMatch3.18.1isp

ciscorvs4000_softwareMatch3.18.3sp

ciscorvs4000_softwareMatch3.18.4sp

ciscorvs4000_softwareMatch16.6.1

ciscorvs4000_softwareMatch16.6.2

ciscorvs4000_softwareMatch16.6.3

ciscorvs4000_softwareMatch16.6.4

ciscorvs4000_softwareMatch16.6.4s

ciscorvs4000_softwareMatch16.7.1

ciscorvs4000_softwareMatch16.7.2

ciscorvs4000_softwareMatch16.7.3

ciscorvs4000_softwareMatch16.8.1

ciscorvs4000_softwareMatch16.8.1b

ciscorvs4000_softwareMatch16.8.1c

ciscorvs4000_softwareMatch16.9.1

ciscorvs4000_softwareMatch16.9.1a

ciscorvs4000_softwareMatch16.9.1b

ciscoasr_900_series_softwareMatch920_series_aggregation_services_router

CPENameOperatorVersion
cisco ios xe softwareeq3.16S
cisco ios xe softwareeq3.17S
cisco ios xe softwareeq16.5
cisco ios xe softwareeq3.18S
cisco ios xe softwareeq3.18SP
cisco ios xe softwareeq16.6
cisco ios xe softwareeq16.7
cisco ios xe softwareeq16.8
cisco ios xe softwareeq16.9
cisco asr 920 series aggregation services routereqany

Name	Operator	Version
cisco ios xe software	eq	3.16S
cisco ios xe software	eq	3.17S
cisco ios xe software	eq	16.5
cisco ios xe software	eq	3.18S
cisco ios xe software	eq	3.18SP
cisco ios xe software	eq	16.6
cisco ios xe software	eq	16.7
cisco ios xe software	eq	16.8
cisco ios xe software	eq	16.9
cisco asr 920 series aggregation services router	eq	any