Vulnerability Name:


Summary:Cisco IOS XR 3.8.1 through 4.2.0 does not properly process fragmented packets within the RP-A, RP-B, PRP, and DRP-B route-processor components, which allows remote attackers to cause a denial of service (transmission outage) via (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCuh30380.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:7.1 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
7.1 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
References:Source: CISCO
20131023 Cisco IOS XR Software Route Processor Denial of Service Vulnerability

Source: XF

Vulnerable Configuration:Configuration 1:
  • cpe:/o:cisco:ios_xr:3.8.1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:3.8.2:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:3.8.3:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:3.8.4:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:3.9.0:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:3.9.1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:3.9.2:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:4.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:4.0.4:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:4.1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:4.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:4.1.2:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:*

  • Denotes that component is vulnerable
    cisco ios_xr 3.8.1
    cisco ios_xr 3.8.2
    cisco ios_xr 3.8.3
    cisco ios_xr 3.8.4
    cisco ios_xr 3.9.0
    cisco ios_xr 3.9.1
    cisco ios_xr 3.9.2
    cisco ios_xr 4.0.0
    cisco ios_xr 4.0.1
    cisco ios_xr 4.0.2
    cisco ios_xr 4.0.3
    cisco ios_xr 4.0.4
    cisco ios_xr 4.1
    cisco ios_xr 4.1.1
    cisco ios_xr 4.1.2
    cisco ios_xr 4.2.0