vulnerability

Cisco IOS-XR: CVE-2017-6599: Cisco IOS XR Software Denial of Service Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Apr 5, 2017	May 19, 2021	Mar 3, 2023

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Apr 5, 2017

Added

May 19, 2021

Modified

Mar 3, 2023

Description

A vulnerability in Google-defined remote procedure call (gRPC) handling in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash due to a system memory leak, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco IOS XR Software with gRPC enabled. More Information: CSCvb14433. Known Affected Releases: 6.1.1.BASE 6.2.1.BASE. Known Fixed Releases: 6.2.1.22i.MGBL 6.1.22.9i.MGBL 6.1.21.12i.MGBL 6.1.2.13i.MGBL.

Solution

update-xros

References

BID-97464
CVE-2017-6599
https://attackerkb.com/topics/CVE-2017-6599
URL-https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-ios

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today