Computer Security Incident Response Team of Mauritius (CERT-MU)

VN-2017-129


Cisco IOS/IOS XE IKEv2 Processing Flaw Lets Remote Users Cause the Target System to Reload
Severity Rating: High
Systems Affected:
This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS Software or Cisco IOS XE Software and have the Internet Security Association and Key Management Protocol (ISAKMP) enabled.
Description
A vulnerability has been identified in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device, leading to a denial of service (DoS) condition. The vulnerability is due to how an affected device processes certain IKEv2 packets. It could be exploited by sending specific IKEv2 packets to an affected device to be processed. Successful exploitation could allow the attacker to cause high CPU utilization, traceback messages, or a reload of the affected device, leading to a DoS condition.
Solution
Users are advised to apply updates.
More information is available on:
 
Vendor Information
Cisco
CVE Information
References
Cisco Security Bulletin
Security Tracker
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis