CVE-2022-20714

Name of the Vulnerable Software and Affected Versions Cisco ASR 9000 Series Aggregation Services Routers (affected versions not specified) ASR 9902 Compact High-Performance Routers (affected versions not specified) ASR 9903 Compact High-Performance Routers (affected versions not specified)

Description A vulnerability in the data plane microcode of Lightspeed-Plus line cards could allow an unauthenticated, remote attacker to cause the line card to reset. This is due to the incorrect handling of malformed packets received on the Lightspeed-Plus line cards. An attacker could exploit this by sending a crafted IPv4 or IPv6 packet through an affected device, resulting in a denial of service (DoS) condition for any traffic that traverses that line card.

Recommendations For Cisco ASR 9000 Series Aggregation Services Routers, update to a version that includes the software updates released by Cisco to address this vulnerability. For ASR 9902 Compact High-Performance Routers, update to a version that includes the software updates released by Cisco to address this vulnerability. For ASR 9903 Compact High-Performance Routers, update to a version that includes the software updates released by Cisco to address this vulnerability.