Overview
- Description
- A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and a denial of service (DoS) condition. The vulnerability is due to Cisco IOS Software application changes that create UDP sockets and leave the sockets idle without closing them. An attacker could exploit this vulnerability by sending UDP packets with a destination port of 0 to an affected device. A successful exploit could allow the attacker to cause UDP packets to be held in the input interfaces queue, resulting in a DoS condition. The input interface queue will stop holding UDP packets when it receives 250 packets. Cisco Bug IDs: CSCup10024, CSCva55744, CSCva95506.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Known exploits
Data from CISA
- Vulnerability name
- Cisco IOS Software and Cisco IOS XE Software UDP Packet Processing Denial-of-Service Vulnerability
- Exploit added on
- Mar 3, 2022
- Exploit action due
- Mar 24, 2022
- Required action
- Apply updates per vendor instructions.
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)gc:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CF70487-4E51-4570-927B-1B74D73E9D58"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)gc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "242A4DC2-C9C7-4ACB-99F0-317959B0CA2D"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(2\\)gc2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED4ECF5C-1B91-4B54-BAB4-2DF17A1BBF56"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(4\\)gc:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CD00484-39D2-4CD5-ABEA-3C5AD9977BB6"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(4\\)gc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5AAD9B95-0D54-49CA-824D-68175D6B4A8E"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.1\\(4\\)gc2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B082C941-CE02-440F-8DD7-87873504B964"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)gc:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "98EB6A3F-DDAB-4FC6-A857-6E106E815505"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)gc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7741D6E0-2507-44D9-8476-AE11DADEC611"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(1\\)gc2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0318BB57-8001-4F2A-954C-AD8DB2A94356"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(2\\)gc:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C89D14BC-1718-4AE9-B107-1709C2CE965E"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)gc:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D80852CE-8D91-4E85-A97F-C7A9AF5278CA"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)gc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AF777880-43BF-4D4A-9BA1-B2E925B5DE11"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(3r\\)gca:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB015852-A945-4801-93AA-6C562AFAB80D"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)gc:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3714E18-9A21-4D04-BB5E-0299AF443E2E"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)gc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6FE61C7-3B61-4085-AD91-137459DA29D0"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)gc2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "71080D8B-BC81-4CDF-8626-D0F35DA40AEA"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)gc3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF10596D-457A-4DA8-8037-5E92E1D39232"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)t:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0B856BB-0FFE-4A92-9CE7-D71B6C611CD3"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)t1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1EE552E-226C-46DE-9861-CB148AD8FB44"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)t2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CAF02C8E-9BB2-4DC2-8BF1-932835191F09"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)t3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C1B86D1-344A-470D-8A35-BD8A9ABE9D9A"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(1\\)t4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C5AC88EB-7A67-4CDE-9C69-94734966E677"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)t:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74E1226B-46CF-4C82-911A-86C818A75DFA"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)t1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "100DA24F-464E-4273-83DF-6428D0ED6641"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)t2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "063C0C47-25EB-4AA4-9332-8E43CD60FF39"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C85BAAF-819B-40E7-9099-04AA8D9AB114"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED684DB4-527A-4268-B197-4719B0178429"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "88F41406-0F55-4D74-A4F6-4ABD5A803907"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8CF9C9AE-B5A6-4B03-9ED9-FDBB40CE5BB9"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7082C083-7517-4CD4-BF95-CC7AF08D4053"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "370EF3DC-151F-4724-A026-3AD8ED6D801C"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B8FB86F-2A89-413B-BED7-97E3D392804E"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "005EAD76-34BE-4E3F-8840-23F613661FE8"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m6a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2595B3E3-7FD4-4EFF-98A2-89156A657A0E"
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB998A1F-BAEA-4B8F-BE49-1C282ED3952E"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD803F59-1CD2-4CA9-9EB1-3CC4ABCD9547"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B9247665-BBE7-4DEF-B97B-4981A0EA5CE4"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E61E0102-B9B6-41F4-9041-0A5F144D849A"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "579C9E7F-6AE4-4DF5-ABCF-DB390E4669E6"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.14.4s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A076E1F-3457-410A-8AB6-64416ECB20A7"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAD93CD1-4188-40B7-A20E-9C3FE8344A27"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0EEAB7F8-EAB5-4E7A-8A1B-38EC16D601FB"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2972E680-5A19-4858-9B35-0B959ED319A3"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1BFE916-916F-4936-A331-21A0E8193920"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0EC9A19-26E6-4E69-B4E7-852CB6327EAD"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.15.4s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C5484A4-D116-4B79-8369-47979E20AACA"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5568EABF-8F43-4A87-8DE4-A03E9065BE53"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0E5BB91-B5E7-4961-87DC-26596E5EDED7"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AC72AA6D-9E18-49F7-95CA-A4A5D7A60E4E"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.1s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3822447-EB80-4DF2-B7F2-471F55BA99C0"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2as:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA0B441A-3A09-4A58-8A40-D463003A50BC"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2bs:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51E1A64A-204D-4567-A2DC-EFEB2AE62B54"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "970FD986-6D0E-441C-9BF3-C66A25763A7A"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.3as:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7EEFD3AD-EFA2-4808-801E-B98E4C63AA76"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.3s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1826C997-6D5D-480E-A12E-3048B6C61216"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4as:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D136C95-F837-49AD-82B3-81C25F68D0EB"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4bs:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C35B3F96-B342-4AFC-A511-7A735B961ECD"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4ds:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DED2D791-4142-4B9E-8401-6B63357536B0"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9FBEF4B2-EA12-445A-823E-E0E5343A405E"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.5s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "844E7CEC-5CB6-47AE-95F7-75693347C08E"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.6s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "147A245E-9A5D-4178-A1AC-5B0D41C3B730"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12793F39-13C4-4DBC-9B78-FE361BDDF89D"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.1as:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1AEF94C7-CEE6-4696-9F1D-549639A831C2"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "876767C7-0196-4226-92B1-DDE851B53655"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.3s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "141FFB5E-EA72-4FC1-B87A-B5E2D5FCFE2A"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.0as:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BE390091-D382-4436-BBB4-D4C33E4F6714"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.0s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE81AA43-88D4-4EFC-B8F6-A41EFF437819"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BEBCBF7-D1CF-488F-BB3E-F864F901A96A"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.2s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD8CCA19-1D1C-45C0-A1A0-CED5885AD580"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.3s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4063CCF8-19BE-4411-B71B-147BB146700B"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.3vs:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA08C168-48BE-41ED-A3BD-87BAE27A1351"
}
],
"operator": "OR"
}
]
}
]