A vulnerability in the Border Gateway Protocol over an Ethernet Virtual Private Network in Cisco IOS XE software...
enabled a denial-of-service attack. What is the BGP vulnerability and how did Cisco fix it?
Cisco has been proactive in addressing new vulnerabilities in its products. The latest is a denial-of-service vulnerability in its IOS XE software prior to release 16.3.
The vulnerability was caused by the changes in Cisco's implementation of the Border Gateway Protocol (BGP) over an Ethernet VPN (EVPN). Cisco blamed the vulnerability on a change in the implementation of the draft specification for BGP over Multiprotocol Label Switching-based EVPNs.
The vulnerable implementation of the protocol didn't properly accept incoming BGP traffic. The length of the inbound packet's IP address field was miscalculated, which could have enabled an attacker to send malicious packets over a TCP connection. When attacked, the device could be forced to reload the BGP routing table, or the table could be corrupted, causing the affected device to malfunction. This led the IOS XE software to stop working.
With the BGP vulnerability, the attacker could then create a malicious BGP message and inject it into the affected BGP network. A BGP session had to exist for the router to receive the message from a peer. The router also had to have at least one BGP neighbor session before the denial-of-service vulnerability could be triggered.
As a timesaver, Cisco IOS Software Checker should be used to check the update status of affected releases of IOS XE software. To obtain the release number, administrators should log in and use the show version command in the command-line interface.
There are no workarounds to fix the BGP vulnerability. The good news is that software updates are available for the affected releases at no charge. Releases 16.3 and later are free of the BGP vulnerability. New releases require more memory for the devices -- current and upgraded. Hardware and software configurations are detailed in Cisco's Carrier Ethernet Configuration Guide. Cisco IOS XR Software and Cisco NX-OS Software are not affected.
Customers are advised to regularly check Cisco Security Advisories and Alerts for new vulnerabilities.
Ask the expert:
Want to ask Judith Myerson a question about security? Submit your question now via email. (All questions are anonymous.)
Dig Deeper on DDoS attack detection and prevention
Related Q&A from Judith Myerson
A previously disclosed flaw found in Broadcom's Wi-Fi controller chips is now believed to affect the Lenovo ThinkPad. Learn how this vulnerability ... Continue Reading
Multiple Border Gateway Protocol vulnerabilities were found impacting security in the Quagga routing software. Expert Judith Myerson explains how ... Continue Reading
ICS-CERT issued a warning about a new vulnerability in Nortek Linear eMerge E3 products. Discover what this vulnerability is and how it affects ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.