Denial of Service Vulnerability in Cisco IOS XR Software for Cisco NCS 5500 Series Routers

Denial of Service Vulnerability in Cisco IOS XR Software for Cisco NCS 5500 Series Routers

CVE-2017-12270 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the emsd service stops. The vulnerability is due to the software's inability to process HTTP/2 packets. An attacker could exploit this vulnerability by sending a malformed HTTP/2 frame to the affected device. A successful exploit could allow the attacker to create a DoS condition when the emsd service stops. Cisco Bug IDs: CSCvb99388.

Learn more about our Cis Benchmark Audit For Apple Ios.