BugZero | Cisco BugID CSCvb24139 - H225 Sanity Check Failure

Loading...

Operational Defect Database

A free repository of operational (non-security) bugs centralized through custom integrations with leading IT vendors.

Product

Enterprise platform
Bug Scrub Advisor
Operational Risk Scoring
Vendor Integrations

Company

Plans
Value Guide
About
Contact us
Legal

Resources

Blog
ServiceNow App
Trust Center
Risk Management
NIST
DORA

Operational Defect Database

A free repository of operational (non-security) bugs centralized through custom integrations with leading IT vendors.

Product

Enterprise platform
Bug Scrub Advisor
Operational Risk Scoring
Vendor Integrations

Company

Plans
Value Guide
About
Contact us
Legal

Resources

Blog
ServiceNow App
Trust Center
Risk Management
NIST
DORA

©2025 BugZero. All Rights Reserved.

Privacy Policy Terms of Service

BugZero | Cisco BugID CSCvb24139 - H225 Sanity Check Failure

ODD
Cisco
CSCvb24139

Cisco - Defect ID: CSCvb24139

H225 Sanity Check Failure

ODD
Cisco
CSCvb24139

Cisco - Defect ID: CSCvb24139

H225 Sanity Check Failure

Last updated on November 8th, 2024

BugZero Risk Score
7.8 High

Overall: 7.8

Severity: 8.2

Lifecycle: 9.1

Popularity: 4.6

What is the BugZero Risk Score?

Cisco Integration

Learn more about where this data comes from

Cisco Integration

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Bug Details

Description

Symptom

When there is an ongoing VideoConference call, audio and video will drop after 1 minute and 28 seconds. The ISR will show some logs as follow: FW-6-DROP_PKT: Dropping h323 pkt from GigabitEthernet0/0/1 x.x.x.:3236 => y.y.y.y:1720(target:class)-(zone-pair:class-map) due to Drop with ip ident zzzz tcp flag 0x18, seq 1737552252, ack 3649195764 Packet trace also shows drop reason due to the same class: RTR-UNDP-UYMVD0-01#show platf packet-trace pack 10 Packet: 10 CBUG ID: 68423 Summary Input : GigabitEthernet0/0/1 Output : GigabitEthernet0/0/2 State : DROP 185 (FirewallL7) Timestamp Start : 7083972582521030 ns (07/13/2016 14:29:18.441591 UTC) Stop : 7083972582591334 ns (07/13/2016 14:29:18.441662 UTC) Path Trace Feature: IPV4 Source : x.x.x.x Destination : y.y.y.y Protocol : 6 (TCP) SrcPort : 3236 DstPort : 1720 Feature: VTCP Action : FORMAT ERROR Feature: ALG PARSER Type : H225 ALG Caller : NAT Action : FORMAT ERROR Feature: VTCP Action : FORMAT ERROR Feature: ALG PARSER Type : H225 ALG Caller : FW Action : FORMAT ERROR Feature: ZBFW Action : Drop Reason : L7 inspection returns drop Zone-pair name : Class-map name : Packet Copy In 84b802e3 67200024 e8c0e3c9 8100000a 08004500 002c45cc 40008006 bd77ac13 a16aa541 04c90ca4 06b84951 e5adc195 a10e5018 01000f3d 00000300 0004 Packet Copy Out 84b802e3 67200024 e8c0e3c9 8100000a 08004500 002c45cc 40007f06 be77ac13 a16aa541 04c90ca4 06b84951 e5adc195 a10e5018 01000f3d 00000300 00

Conditions

Symptom observed when VC connects via the ISR running 15.4(3)S5 and with Zone-Base Firewall configured, If ISR is bypassed the call or audio do not drop. Due to another unrelated event, customer had to upgrade to 15.5(3)S5 and issue still the same.

Workaround

* Bypass ISR

Further Problem Description

class-map for ZBF was modified to 'pass' action outbound and inbound but behavior does not change.

Change history

2024-11-08 Added: 16.10.1, 16.10.1a, 16.10.1b, 16.10.1c, 16.10.1d, 16.10.1e, 16.10.1f, 16.10.1g, 16.10.1i, 16.10.1s, 16.10.2, 16.11.1, 16.11.1a, 16.11.1b, 16.11.1c, 16.11.1s, 16.12.1, 16.12.1a, 16.12.1c, 16.5.1, 16.5.1a, 16.5.1b, 16.5.2, 16.5.3, 16.6.1, 16.6.1a, 16.6.2, 16.6.2s, 16.6.3, 16.6.4, 16.6.4a, 16.6.4s, 16.6.5, 16.6.5a, 16.6.5b, 16.6.6, 16.6.7, 16.7.1, 16.7.1a, 16.7.1b, 16.7.2, 16.7.3, 16.7.4, 16.8.1, 16.8.1a, 16.8.1b, 16.8.1c, 16.8.1d, 16.8.1e, 16.8.1s, 16.8.2, 16.8.3, 16.9.1, 16.9.1a, 16.9.1b, 16.9.1c, 16.9.1d, 16.9.1s, 16.9.2, 16.9.2a, 16.9.2s, 16.9.3, 16.9.3a, 16.9.3h, 16.9.3s, 16.9.4, 3.13.10S_BinOS, 3.13.7S_BinOS, 3.13.7aS_BinOS, 3.13.8S_BinOS, 3.13.9S_BinOS, 3.16.5S_BinOS, 3.16.5aS_BinOS, 3.16.5bS_BinOS, 3.16.6S_BinOS, 3.16.6bS_BinOS, 3.16.7S_BinOS, 3.16.7aS_BinOS, 3.16.7bS_BinOS, 3.16.8S_BinOS, 3.16.9S_BinOS

Relevant Products

Click on a version to see all relevant bugs

Affected versions:No known affected versions

Fixed versions: 16.10.1, 16.10.1a, 16.10.1b, 16.10.1c, 16.10.1d, 16.10.1e, 16.10.1f, 16.10.1g, 16.10.1i, 16.10.1s, 16.10.2, 16.11.1, 16.11.1a, 16.11.1b, 16.11.1c, 16.11.1s, 16.12.1, 16.12.1a, 16.12.1c, 16.5.1, 16.5.1a, 16.5.1b, 16.5.2, 16.5.3, 16.6.1, 16.6.1a, 16.6.2, 16.6.2s, 16.6.3, 16.6.4, 16.6.4a, 16.6.4s, 16.6.5, 16.6.5a, 16.6.5b, 16.6.6, 16.6.7, 16.7.1, 16.7.1a, 16.7.1b, 16.7.2, 16.7.3, 16.7.4, 16.8.1, 16.8.1a, 16.8.1b, 16.8.1c, 16.8.1d, 16.8.1e, 16.8.1s, 16.8.2, 16.8.3, 16.9.1, 16.9.1a, 16.9.1b, 16.9.1c, 16.9.1d, 16.9.1s, 16.9.2, 16.9.2a, 16.9.2s, 16.9.3, 16.9.3a, 16.9.3h, 16.9.3s, 16.9.4, 3.13.10S_BinOS, 3.13.7S_BinOS, 3.13.7aS_BinOS, 3.13.8S_BinOS, 3.13.9S_BinOS, 3.16.5S_BinOS, 3.16.5aS_BinOS, 3.16.5bS_BinOS, 3.16.6S_BinOS, 3.16.6bS_BinOS, 3.16.7S_BinOS, 3.16.7aS_BinOS, 3.16.7bS_BinOS, 3.16.8S_BinOS, 3.16.9S_BinOS

Relevant Products

Click on a version to see all relevant bugs

Affected versions:No known affected versions

Fixed versions: 16.10.1, 16.10.1a, 16.10.1b, 16.10.1c, 16.10.1d, 16.10.1e, 16.10.1f, 16.10.1g, 16.10.1i, 16.10.1s, 16.10.2, 16.11.1, 16.11.1a, 16.11.1b, 16.11.1c, 16.11.1s, 16.12.1, 16.12.1a, 16.12.1c, 16.5.1, 16.5.1a, 16.5.1b, 16.5.2, 16.5.3, 16.6.1, 16.6.1a, 16.6.2, 16.6.2s, 16.6.3, 16.6.4, 16.6.4a, 16.6.4s, 16.6.5, 16.6.5a, 16.6.5b, 16.6.6, 16.6.7, 16.7.1, 16.7.1a, 16.7.1b, 16.7.2, 16.7.3, 16.7.4, 16.8.1, 16.8.1a, 16.8.1b, 16.8.1c, 16.8.1d, 16.8.1e, 16.8.1s, 16.8.2, 16.8.3, 16.9.1, 16.9.1a, 16.9.1b, 16.9.1c, 16.9.1d, 16.9.1s, 16.9.2, 16.9.2a, 16.9.2s, 16.9.3, 16.9.3a, 16.9.3h, 16.9.3s, 16.9.4, 3.13.10S_BinOS, 3.13.7S_BinOS, 3.13.7aS_BinOS, 3.13.8S_BinOS, 3.13.9S_BinOS, 3.16.5S_BinOS, 3.16.5aS_BinOS, 3.16.5bS_BinOS, 3.16.6S_BinOS, 3.16.6bS_BinOS, 3.16.7S_BinOS, 3.16.7aS_BinOS, 3.16.7bS_BinOS, 3.16.8S_BinOS, 3.16.9S_BinOS

Top Cisco Defects

9.7Defect ID: CSCwt50498
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
9.7Defect ID: CSCvv15096
9200L: SYS-3-CPUHOG: Task is running for (2843)msecs, more than (2000)msecs process = SAUtilReport.
9.7Defect ID: CSCvx82406
Memory leaks in IOS_PRIV_OPER_DB
9.7Defect ID: CSCwa46963
Security: CVE-2021-44228 -> Log4j 2 Vulnerability
9.7Defect ID: CSCwf08698
Cat9k Crashes Unexpectedly due to a Fault in the 'TLSCLIENT_PROCESS'

Ready to prevent the next vendor outage?

Links

Original Vendor Announcement

Cisco Integration

Learn more about where this data comes from

Cisco Integration

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise