Denial of Service Vulnerability in Cisco ASR 1000 Devices
CVE-2012-5723

Currently unrated

Key Information:

Vendor: Cisco
Status: Ios Xe; Asr 1001; Asr 1002; Asr 1002-x
Vendor: CVE Published:; 24 April 2014

Summary

Cisco ASR 1000 devices, when configured with BDI routing and running software versions prior to 3.8S, are susceptible to a Denial of Service vulnerability. This issue allows remote attackers to trigger device reloads by sending specially crafted broadcast or multicast ICMP packets that exploit fragmentation. The vulnerability can severely disrupt network operations, emphasizing the importance of timely software updates for device security.

References

http://www.cisco.com/c/en/us/td/docs/routers/asr1000/rele...

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 24, 2014
Vulnerability Reserved
Nov 2, 2012