CVE-2017-6729

A vulnerability in the Border Gateway Protocol (BGP) processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core (VPC) Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reload, resulting in a denial of service (DoS) condition. This vulnerability affects the following products if they are running the Cisco StarOS operating system and BGP is enabled for the system: Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core Software. More Information: CSCvc44968. Known Affected Releases: 16.4.1 19.1.0 21.1.0 21.1.M0.65824. Known Fixed Releases: 21.3.A0.65902 21.2.A0.65905 21.1.b0.66164 21.1.V0.66014 21.1.R0.65898 21.1.M0.65894 21.1.0.66030 21.1.0.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
VendorProductVersion
ciscoasr_5000_software
16.4.1
ciscoasr_5000_software
16.5.0
ciscoasr_5000_software
16.5.2
ciscoasr_5000_software
17.2.0
ciscoasr_5000_software
17.2.0.59184
ciscoasr_5000_software
17.3.0
ciscoasr_5000_software
17.3.1
ciscoasr_5000_software
17.3.9.62033
ciscoasr_5000_software
17.3_base:_base
ciscoasr_5000_software
17.7.0
ciscoasr_5000_software
17.7.5
ciscoasr_5000_software
18.0.0
ciscoasr_5000_software
18.0.0.57828
ciscoasr_5000_software
18.0.0.59167
ciscoasr_5000_software
18.0.0.59211
ciscoasr_5000_software
18.0.l0.59219:l0.59219
ciscoasr_5000_software
18.1.0
ciscoasr_5000_software
18.1.0.59776
ciscoasr_5000_software
18.1.0.59780
ciscoasr_5000_software
18.1_base:_base
ciscoasr_5000_software
18.3.0
ciscoasr_5000_software
18.3_base:_base
ciscoasr_5000_software
18.4.0
ciscoasr_5000_software
19.0.1
ciscoasr_5000_software
19.0.m0.60737:m0.60737
ciscoasr_5000_software
19.0.m0.60828:m0.60828
ciscoasr_5000_software
19.0.m0.61045:m0.61045
ciscoasr_5000_software
19.1.0
ciscoasr_5000_software
19.1.0.61559
ciscoasr_5000_software
19.2.0
ciscoasr_5000_software
19.3.0
ciscoasr_5000_software
19.6.3
ciscoasr_5000_software
19.6_base:_base
ciscoasr_5000_software
20.0.0
ciscoasr_5000_software
20.0.1.0
ciscoasr_5000_software
20.0.1.a0:a0
ciscoasr_5000_software
20.0.1.v0:v0
ciscoasr_5000_software
20.0.2.3
ciscoasr_5000_software
20.0.2.3.65026
ciscoasr_5000_software
20.0.2.v1:v1
ciscoasr_5000_software
20.0.m0.62842:m0.62842
ciscoasr_5000_software
20.0.m0.63229:m0.63229
ciscoasr_5000_software
20.0.v0:v0
ciscoasr_5000_software
20.1.v2:v2
ciscoasr_5000_software
20.1_base:_base
ciscoasr_5000_software
20.2.12
ciscoasr_5000_software
20.2_base:_base
ciscoasr_5000_software
21.0.0
ciscoasr_5000_software
21.0.v1:v1
ciscoasr_5000_software
21.0_base:_base
ciscoasr_5000_software
21.0_m0.64246:_m0.64246
ciscoasr_5000_software
21.0_m0.64702:_m0.64702
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/100015
http://www.securitytracker.com/id/1038819
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-staros
http://www.securityfocus.com/bid/100015
http://www.securitytracker.com/id/1038819
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-staros