PT-2017-17228 · Cisco · Cisco IOS XR

Published: 2017-06-07 · Updated: 2019-10-03 · CVE-2017-6666

CVSS v3.1: 6.0 (Medium)

Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers version 6.2.11.BASE

Description

A vulnerability in the forwarding component could allow an authenticated, local attacker to cause the router to stop forwarding data traffic across Traffic Engineering (TE) tunnels, resulting in a denial of service (DoS) condition. The issue occurs because adjacency information for a Traffic Engineering (TE) tunnel's physical source interface is not propagated to hardware after the adjacency is lost. An attacker could exploit this by issuing the clear arp-cache command after logging in to the router's CLI with administrator privileges.

Recommendations

For Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers version 6.2.11.BASE, update to a fixed release such as 6.1.3, 6.1.2, 6.3.1.8i.BASE, 6.2.11.8i.BASE, 6.2.2.9i.BASE, 6.1.32.11i.BASE, 6.1.31.10i.BASE, or 6.1.4.3i.BASE to resolve the issue. As a temporary workaround, consider restricting access to the clear arp-cache command to minimize the risk of exploitation.

Related Identifiers

CVE-2017-6666

Affected Products

Cisco IOS XR