Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation on certain crafted packets. An attacker could exploit this vulnerability by sending a crafted autonomic network channel discovery packet to a device that has all the following characteristics: (1) running a Cisco IOS Software or Cisco IOS XE Software release that supports the ANI feature; (2) configured as an autonomic registrar; (3) has a whitelist configured. An exploit could allow the attacker to cause the affected device to reload. Note: Autonomic networking should be configured with a whitelist. Do not remove the whitelist as a workaround. Cisco Bug IDs: CSCvc42717.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco IOS和IOS XE Software 安全漏洞
Vulnerability Description
Cisco IOS和IOS XE Software都是美国思科(Cisco)公司为其网络设备开发的操作系统。 Cisco IOS 15.2至15.6版本和IOS XE Software 3.7至3.18版本和16版本中的Autonomic Networking Infrastructure (ANI)注册功能存在拒绝服务漏洞,该漏洞源于程序没有充分过滤数据包。攻击者可借助特制的数据包利用该漏洞造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A