Cisco IOS XR Software IS-IS Multi-Instance Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the Intermediate System-to-Intermediate System (IS-IS) multi-instance routing feature of Cisco IOS XR Software. This vulnerability allows an unauthenticated, adjacent attacker to cause the IS-IS process to restart unexpectedly. The issue arises from inadequate input validation of incoming IS-IS packets. An attacker could exploit this vulnerability by sending crafted IS-IS packets to an affected device after establishing an adjacency. Exploitation would lead to an unexpected restart of the IS-IS process, causing a temporary loss of connectivity to advertised networks and creating a denial-of-service condition. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and have formed an adjacency.

Impact

Exploitation of this vulnerability causes the IS-IS process to restart unexpectedly, leading to a temporary loss of connectivity to advertised networks and a denial-of-service condition.

Remediation

Cisco has released software updates to address this vulnerability. Customers are advised to upgrade to the fixed software versions indicated in the advisory. For platforms or releases not covered by the fixed software, contact Cisco support for assistance.

Added: Mar 11, 2026, 5:28 PM
Updated: Mar 11, 2026, 5:28 PM

Vulnerability Rating

Custom Algorithm
spread: 4.5
impact: 0.6
exploitability: 3.5
remediation: 7.9
relevance: 3.8
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.