A vulnerability in the IP Address Resolution Protocol (ARP) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor (ESP) installed could allow an unauthenticated, adjacent malicious user to cause an affected device to reload, resulting in a denial of service condition. The vulnerability is due to insufficient error handling when an affected device has reached platform limitations. An attacker could exploit this vulnerability by sending a malicious series of IP ARP messages to an affected device. A successful exploit could allow the malicious user to exhaust system resources, which would eventually cause the affected device to reload.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco ios_xe 16.3.1 |
||
cisco ios_xe 16.6.5 |
||
cisco ios_xe 16.7\\(1\\) |
||
cisco ios_xe 17.1.1 |
||
cisco ios_xe 16.9.1 |
||
cisco ios_xe 17.4.1 |