Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco ASR 5000 Series Software (StarOS) ipsecmgr Process Denial of Service Vulnerability
Vulnerability Description
A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. An attacker could exploit this vulnerability by sending specifically malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to cause the ipsecmgr process to restart, which would disrupt ongoing IKE negotiations and result in a temporary DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
Cisco ASR 缓冲区错误漏洞
Vulnerability Description
Cisco ASR 5000是美国思科(Cisco)公司的一款5000系列网关产品。 Cisco ASR 5000存在安全漏洞,攻击者可利用该漏洞可以通过ipsecmgr触发致命错误,从而触发拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A