...
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a reload of the UDLD process. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device.

Note: The UDLD feature is disabled by default and must be enabled for a device to be affected by the exploit. An attacker must have full control of a directly connected device.

Cisco has released software updates that address this vulnerability. This vulnerability is part of the following Security Advisory: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ

Note that the advisory for this vulnerability covers multiple Cisco products; the impact on IOS-XR is significantly less than other products and is limited to a restart of the impacted process.
For a device to be vulnerable to this exploit it must support the UDLD feature and explicitly have the feature enabled. IOS-XR devices that support UDLD are: ASR9000, NCS5000, NCS5500, NCS540 and NCS560. See Vulnerable Products Section of the advisory for full details: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ#vp
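The two conditions above (listed platform, UDLD explicitly enabled) can be checked against a saved running-config; the following is an added example, not code from Cisco or the advisory. It assumes UDLD appears as an `ethernet udld` line inside an interface stanza and that the operator supplies the platform family name; the function names and the sample config are constructed for illustration.

```python
import re

# Platform families the page lists as IOS-XR devices that support UDLD.
UDLD_PLATFORMS = ("ASR9000", "NCS5000", "NCS5500", "NCS540", "NCS560")

# Constructed sample running-config, not taken from a real device.
SAMPLE_CONFIG = """\
interface TenGigE0/0/0/1
 description uplink
 ethernet udld
  mode normal
 !
!
interface TenGigE0/0/0/2
 description access port
!
router static
 address-family ipv4 unicast
!
"""

def normalize(platform):
    """Fold 'NCS 5500' / 'ncs-5500' style spellings to the page's form."""
    return re.sub(r"[\s\-]", "", platform).upper()

def udld_interfaces(running_config):
    """Interfaces whose stanza holds an 'ethernet udld' line (assumed syntax)."""
    found, current = [], None
    for raw in running_config.splitlines():
        line = raw.rstrip()
        if not line.startswith(" "):  # any top-level line opens or closes a stanza
            m = re.match(r"interface\s+(?:preconfigure\s+)?(\S+)", line)
            current = m.group(1) if m else None
        elif current and line.strip() == "ethernet udld" and current not in found:
            found.append(current)
    return found

def triage(platform, running_config):
    """Apply the page's two conditions; installed software version is not checked."""
    listed = normalize(platform) in UDLD_PLATFORMS
    ifaces = udld_interfaces(running_config)
    return {"platform_listed": listed, "udld_interfaces": ifaces,
            "meets_conditions": listed and bool(ifaces)}

if __name__ == "__main__":
    print(triage("NCS 5500", SAMPLE_CONFIG))
```

A device that meets both conditions still needs its software release compared against the fixed releases in the advisory, which this check does not do.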
There are no workarounds that address this vulnerability.
Please refer to the Security Advisory.

*PSIRT Evaluation:*
The Cisco PSIRT has assigned this bug the following CVSS version 3 score. The Base CVSS score as of the time of evaluation is 4.3: https://tools.cisco.com/security/center/cvssCalculator.x?version=3.0&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVE ID CVE-2021-34714 has been assigned to document this issue.

Additional information on Cisco's security vulnerability policy can be found at the following URL: https://tools.cisco.com/security/center/resources/security_vulnerability_policy.html