Cisco IoT Field Network Director Web-Based Management Interface Denial-of-Service Vulnerability

A denial-of-service vulnerability has been identified in the web-based management interface of Cisco IoT Field Network Director. This vulnerability allows an authenticated, remote attacker with low privileges to cause a denial-of-service condition on a remotely managed router. The issue arises from improper error handling, which an attacker could exploit by submitting crafted input through the management interface. A successful exploit could enable the attacker to request unauthorized files from the affected router, leading to a reload of the router and causing a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a denial-of-service condition on a remotely managed router, causing the router to reload and temporarily disrupt its services.

Remediation

Cisco has released software updates to address this vulnerability. Users are advised to upgrade to version 5.0.0-117 or migrate to a supported release that includes the fix. For more information on the fixed software releases, consult the Cisco Security Vulnerability Policy.