CVE-2021-1424 – Cisco ASR 5000 Series Software (StarOS) ipsecmgr Process Denial of Service Vulnerability

https://notcve.org/view.php?id=CVE-2021-1424

A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. An attacker could exploit this vulnerability by sending specifically malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to cause the ipsecmgr process to restart, which would disrupt ongoing IKE negotiations and result in a temporary DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Una vulnerabilidad en el proceso ipsecmgr del software Cisco ASR 5000 Series (StarOS) podría permitir que un atacante remoto no autenticado provoque una condición de denegación de servicio (DoS). • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ipsecmgr-dos-3gkHXwvS https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-webui-gQLSFyPM https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-sigverbypass-gPYXd6Mk https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-info-disclo-VOu2GHbZ https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •