—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Denial of Service Vulnerability

Advisory ID: cisco-sa-20170726-anidos

Revision: 1.0

For Public Release: 2017 July 26 16:00 GMT

Last Updated: 2017 July 26 16:00 GMT

CVE ID(s): CVE-2017-6663

CVSS Score v(3): 7.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+———————————————————————

Summary
=======
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition.

The vulnerability is due to an unknown condition in the Autonomic Networking code of the affected software. An attacker could exploit this vulnerability by replaying captured packets to reset the Autonomic Control Plane (ACP) channel of an affected system. A successful exploit could allow the attacker to reset the ACP channel of an affected system and consequently cause the affected device to reload, resulting in a DoS condition.

Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-anidos [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-anidos”]

—–BEGIN PGP SIGNATURE—–

iQKBBAEBAgBrBQJZeL4JZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg
SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx
NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHnr0w/5AduEophk0wfRt5OK
/VtnGl9IC9CO+RhOZMNQeP1QR+USHJ1mlM0TfFQSdIcp9niWUZpphsUt86U/D4Wh
1RUR8+cp2/qO6qB17ruluXeLvhfIbeNcvBgInKxBi3wm2CKiXCUVbJIzL5Lvwens
5aBpIh+5syaCUADrrmGIZ3SDm3vuGw0S7zjy9kTXyhlKRsrQkFmrPKQ4OhYgVc7l
XJXTAJ7eOWq+PaHtlZmfmKS2xAaYKO/hWIkaI0hmyuLYzJU4hzonNQTmBm5jXw38
HwrHEo9Y04zQUUlzxqmpoO6rCBDWmkNCfVPSH/UvVy4wFZ6J7UZfBhS8Vfde75y5
JZKdLK9htojfNERYLZPAFKB1ZJll6jPKOcu4qNNVt2o/ZSEXJh6KOP9eizI76kG8
KfcJSPumtLhhrmf2My/dMa9V+9W8TbURD24wpnFnvyep8WaMfrvhgBke2tNgkAGX
Khpr3uQNmEp3cA324RanSTP/m421g5WPXY8IKv3evoFQS3L4I7RU3cf4TZrhcxI4
uBlO5CBK8Pi6MpxEjxNQ2DNFYpbFlRfkKc19WBkoZDtcZwI/v1KlmfLfipa5AN97
XQRLO9xJMCXhe65+R0nQotml0c3/zt5zWSCk8mebV3CSrH+7cPRo2FrWzV5c3Xgi
5V5LOjtcQAXcO93+4EiRm35G6IU=
=rimL
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com