PT-2017-17282 · Cisco · Cisco Ios Xr

Published 2017-07-05 · Updated 2017-07-16 · CVE-2017-6731

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco IOS XR Software versions prior to 6.1.4.12i.MCAST
Cisco IOS XR Software versions prior to 6.2.2.17i.MCAST
Cisco IOS XR Software versions prior to 6.2.3.1i.MCAST
Cisco IOS XR Software versions prior to 6.3.1.19i.MCAST
Cisco IOS XR Software version 4.3.2.MCAST
Cisco IOS XR Software version 6.0.2.BASE

Description

A vulnerability in Multicast Source Discovery Protocol (MSDP) ingress packet processing could allow an unauthenticated, remote attacker to cause the MSDP session to be unexpectedly reset, causing a short denial of service (DoS) condition. The MSDP session will restart within a few seconds. The vulnerability is due to incorrect error handling of an MSDP packet that contains an error in the packet header. An attacker could exploit this vulnerability by sending a malformed MSDP packet for an established MSDP session to the targeted device.

Recommendations

For Cisco IOS XR Software version 4.3.2.MCAST, update to version 6.1.4.12i.MCAST or later.
For Cisco IOS XR Software version 6.0.2.BASE, update to version 6.1.4.12i.MCAST or later.
For Cisco IOS XR Software versions prior to 6.1.4.12i.MCAST, update to version 6.1.4.12i.MCAST or later.
For Cisco IOS XR Software versions prior to 6.2.2.17i.MCAST, update to version 6.2.2.17i.MCAST or later.
For Cisco IOS XR Software versions prior to 6.2.3.1i.MCAST, update to version 6.2.3.1i.MCAST or later.
For Cisco IOS XR Software versions prior to 6.3.1.19i.MCAST, update to version 6.3.1.19i.MCAST or later.

Fix

DoS

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2017-6731

Affected Products

Cisco Ios Xr