21.27.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

cisco

NVD

Published: 2023-04-05

Updated: 2023-11-07

Summary

A vulnerability in the Vector Packet Processor (VPP) of Cisco Packet Data Network Gateway (PGW) could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker could exploit this vulnerability by sending a malformed Encapsulating Security Payload (ESP) packet over an IPsec connection. A successful exploit could allow the attacker to stop ICMP traffic over an IPsec connection and cause a denial of service (DoS).

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Packet Data Network Gateway - Cisco Packet Data Network Gateway 21.26.0 Cisco Packet Data Network Gateway 21.27.0	3
Hardware	Cisco Cisco ASR 5000 - Cisco ASR 5500 - Cisco ASR 5700 -	3

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-pdng-dos-KmzwEy2Q