Vulnerability Name:

CVE-2017-6729 (CCN-128002)

Assigned:2017-07-05
Published:2017-07-05
Updated:2019-10-03
Summary:A vulnerability in the Border Gateway Protocol (BGP) processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core (VPC) Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reload, resulting in a denial of service (DoS) condition. This vulnerability affects the following products if they are running the Cisco StarOS operating system and BGP is enabled for the system: Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core Software. More Information: CSCvc44968. Known Affected Releases: 16.4.1 19.1.0 21.1.0 21.1.M0.65824. Known Fixed Releases: 21.3.A0.65902 21.2.A0.65905 21.1.b0.66164 21.1.V0.66014 21.1.R0.65898 21.1.M0.65894 21.1.0.66030 21.1.0.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
5.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L)
5.1 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2017-6729

Source: BID
Type: Third Party Advisory, VDB Entry
100015

Source: CCN
Type: BID-100015
Cisco StarOS CVE-2017-6729 Remote Denial of Service Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1038819

Source: XF
Type: UNKNOWN
cisco-staros-cve20176729-dos(128002)

Source: CCN
Type: Cisco Security Advisory cisco-sa-20170705-staros
Cisco StarOS Border Gateway Protocol Process Denial of Service Vulnerability

Source: CONFIRM
Type: Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-staros

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cisco:asr_5000_software:16.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:16.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:16.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:17.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:17.2.0.59184:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:17.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:17.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:17.3.9.62033:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:17.3_base:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:17.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:17.7.5:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:18.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:18.0.0.57828:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:18.0.0.59167:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:18.0.0.59211:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:18.0.l0.59219:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:18.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:18.1.0.59776:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:18.1.0.59780:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:18.1_base:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:18.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:18.3_base:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:18.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:19.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:19.0.m0.60737:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:19.0.m0.60828:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:19.0.m0.61045:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:19.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:19.1.0.61559:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:19.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:19.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:19.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:19.6_base:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:20.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:20.0.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:20.0.1.a0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:20.0.1.v0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:20.0.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:20.0.2.3.65026:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:20.0.2.v1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:20.0.m0.62842:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:20.0.m0.63229:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:20.0.v0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:20.1.v2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:20.1_base:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:20.2.12:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:20.2_base:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:21.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:21.0.v1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:21.0_base:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:21.0_m0.64246:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:asr_5000_software:21.0_m0.64702:*:*:*:*:*:*:*
  • AND
  • cpe:/h:cisco:asr_5000:-:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:cisco:staros:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco asr 5000 software 16.4.1
    cisco asr 5000 software 16.5.0
    cisco asr 5000 software 16.5.2
    cisco asr 5000 software 17.2.0
    cisco asr 5000 software 17.2.0.59184
    cisco asr 5000 software 17.3.0
    cisco asr 5000 software 17.3.1
    cisco asr 5000 software 17.3.9.62033
    cisco asr 5000 software 17.3_base
    cisco asr 5000 software 17.7.0
    cisco asr 5000 software 17.7.5
    cisco asr 5000 software 18.0.0
    cisco asr 5000 software 18.0.0.57828
    cisco asr 5000 software 18.0.0.59167
    cisco asr 5000 software 18.0.0.59211
    cisco asr 5000 software 18.0.l0.59219
    cisco asr 5000 software 18.1.0
    cisco asr 5000 software 18.1.0.59776
    cisco asr 5000 software 18.1.0.59780
    cisco asr 5000 software 18.1_base
    cisco asr 5000 software 18.3.0
    cisco asr 5000 software 18.3_base
    cisco asr 5000 software 18.4.0
    cisco asr 5000 software 19.0.1
    cisco asr 5000 software 19.0.m0.60737
    cisco asr 5000 software 19.0.m0.60828
    cisco asr 5000 software 19.0.m0.61045
    cisco asr 5000 software 19.1.0
    cisco asr 5000 software 19.1.0.61559
    cisco asr 5000 software 19.2.0
    cisco asr 5000 software 19.3.0
    cisco asr 5000 software 19.6.3
    cisco asr 5000 software 19.6_base
    cisco asr 5000 software 20.0.0
    cisco asr 5000 software 20.0.1.0
    cisco asr 5000 software 20.0.1.a0
    cisco asr 5000 software 20.0.1.v0
    cisco asr 5000 software 20.0.2.3
    cisco asr 5000 software 20.0.2.3.65026
    cisco asr 5000 software 20.0.2.v1
    cisco asr 5000 software 20.0.m0.62842
    cisco asr 5000 software 20.0.m0.63229
    cisco asr 5000 software 20.0.v0
    cisco asr 5000 software 20.1.v2
    cisco asr 5000 software 20.1_base
    cisco asr 5000 software 20.2.12
    cisco asr 5000 software 20.2_base
    cisco asr 5000 software 21.0.0
    cisco asr 5000 software 21.0.v1
    cisco asr 5000 software 21.0_base
    cisco asr 5000 software 21.0_m0.64246
    cisco asr 5000 software 21.0_m0.64702
    cisco asr 5000 -
    cisco staros *