CVE-2017-12355

Name of the Vulnerable Software and Affected Versions Cisco IOS XR Software (affected versions not specified)

Description A vulnerability in the Local Packet Transport Services (LPTS) ingress frame-processing functionality could allow an unauthenticated, remote attacker to cause one of the LPTS processes on an affected system to restart unexpectedly, resulting in a brief denial of service (DoS) condition. The issue is due to incomplete LPTS frame validation by the affected software. An attacker could exploit this by sending crafted XML requests to the management interface of an affected system, impacting LPTS traffic and causing a brief DoS condition while the process restarts.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.