A vulnerability in authentication header packets processing on the Cisco ISM module for ISR G2 could allow an authenticated, remote malicious user to cause a reload of the affected module. The vulnerability is due to improper processing of malformed authentication header packets. An attacker could exploit this vulnerability by sending a stream of malformed authentication header packets over an established IPsec security association. An exploit could allow the malicious user to cause a reload of the affected module, resulting in a denial of service (DoS) condition for IPsec traffic. Cisco has confirmed the vulnerability in a security notice and software updates are available. To exploit this vulnerability, the attacker must authenticate to a targeted system to send malformed authentication header packets. This access requirement limits the possibility of a successful exploit. Customers are advised to review the bug reports in the "Vendor Announcements" section for a current list of affected versions. Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco ios - |
||
cisco 3945e_integrated_services_router - |
||
cisco 3925_integrated_services_router - |
||
cisco 3925e_integrated_services_router - |
||
cisco 2951_integrated_services_router - |
||
cisco 887_integrated_services_router - |
||
cisco 886va-w_integrated_services_router - |
||
cisco 886va_integrated_services_router - |
||
cisco 886_integrated_services_router - |
||
cisco c881w_integrated_services_router - |
||
cisco 2911_integrated_services_router - |
||
cisco 1941_integrated_services_router - |
||
cisco 888_integrated_services_router - |
||
cisco 887va_integrated_services_router - |
||
cisco 881_integrated_services_router - |
||
cisco 867_integrated_services_router - |
||
cisco 1941w_integrated_services_router - |
||
cisco 1921_integrated_services_router - |
||
cisco 892_integrated_services_router - |
||
cisco 891_integrated_services_router - |
||
cisco 3945_integrated_services_router - |
||
cisco 2921_integrated_services_router - |
||
cisco 2901_integrated_services_router - |
||
cisco 887va-w_integrated_services_router - |
||
cisco 887v_integrated_services_router - |
||
cisco 880_3g_integrated_services_router - |
||
cisco 861_integrated_services_router - |