Cisco Security Advisory: Cisco IOS Software RSVP Denial of Service Vulnerability
Cisco IOS Software and Cisco IOS XE Software contain a vulnerability in the RSVP feature when used on a device configured with VPN routing and forwarding (VRF) instances. This vulnerability could allow an
unauthenticated, remote attacker to cause an interface wedge, which can lead to loss of connectivity, loss of routing protocol adjacency, and other denial of service (DoS) conditions. This vulnerability could be exploited repeatedly to cause an extended DoS condition.
A workaround is available to mitigate this vulnerability.
Cisco has released free software updates that address this
vulnerability. This advisory is available at the following link:
- Cisco: Multiple Vulnerabilities; ASA 5500, Catalyst 6500 (netsecurityit.wordpress.com)
- Cisco Security Advisory: Cisco NX-OS (netsecurityit.wordpress.com)
- Cisco Security Advisory: Cisco Small Business SRP 500 Series (netsecurityit.wordpress.com)
- Cisco Releases Multiple Security Advisories (netsecurityit.wordpress.com)