Cisco NX-OS Software MPLS OAM Denial of Service Vulnerability

A vulnerability in the MPLS Operation, Administration, and Maintenance (OAM) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

This vulnerability is due to improper input validation when an affected device is processing an MPLS echo-request or echo-reply packet. An attacker could exploit this vulnerability by sending malicious MPLS echo-request or echo-reply packets to an interface that is enabled for MPLS forwarding on the affected device. A successful exploit could allow the attacker to cause the MPLS OAM process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-mpls-oam-dos-sGO9x5GM

This advisory is part of the August 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2021-1588


Cisco SD-WAN Software Information Disclosure Vulnerability

A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to gain access to information stored in MPLS buffer memory.

This vulnerability is due to insufficient handling of malformed MPLS packets that are processed by a device that is running Cisco SD-WAN Software. An attacker could exploit this vulnerability by sending a crafted MPLS packet to an affected device that is running Cisco SD-WAN Software or Cisco SD-WAN vManage Software. A successful exploit could allow the attacker to gain unauthorized access to sensitive information.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdw-mpls-infodisclos-MSSRFkZq

Security Impact Rating: Medium

CVE: CVE-2021-1614


Clients reporting to other SEP Manager

I need a solution

Dear Everyone,

I would like to ask for help on how I can achieve a correct SEP firewall policy that will prevent clients from reporting to the other SEP Managers at our other sites. Our current setup is one SEPM per site with no replication. All sites are connected via MPLS.

We’re using custom port for client server communication.

Thank you for those who responded.


Latency in ProxySG when in static bypass list

I need a solution

Hi,

We are using transparent deployment for our ProxySG using WCCP.

For the routes that go to the MPLS, we added them to the static bypass list.

For example, with the Citrix application, users experience latency when accessing Citrix.

Also, some sites that are bypassed are slow.

Has anyone of you experienced the same scenario?

What are your recommendations?


Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability

A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device.

The vulnerability is due to the incorrect handling of certain MPLS OAM packets. An attacker could exploit this vulnerability by sending malicious MPLS OAM packets to an affected device. A successful exploit could allow the attacker to cause the lspv_server process to crash. The crash could lead to system instability and the inability to process or forward traffic through the device, resulting in a DoS condition that requires manual intervention to restore normal operating conditions.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-iosxr-mpls-dos

Security Impact Rating: High

CVE: CVE-2019-1846


Deployment and design guide

I need a solution

Hi chaps,

I need to provide some consultancy to a customer and they have the following setup.

Environment

  • 220 sites in one country
  • Business has grown by acquisition, so standardisation is low and complexity is high
  • Multiple network configurations
    • MPLS with direct connectivity to SEPM
    • MPLS with VPN to SEPM network
    • MPLS with no connectivity to SEPM network
    • Single circuits with VPN to SEPM network
    • Single circuits with no connectivity to SEPM network
  • Wide range of available bandwidths across networks – ADSL to FTTP
  • Approx. 1500 endpoints
    • 99% Windows. A few Apple clients
    • Win 7/8/10 – Mostly 10
  • Multiple AD forests in place, and 800+ endpoints not in AD
  • Ivanti as the primary means of endpoint management
  • 7-8 different varieties of AV currently in use, at varying levels of management
    • Sophos
    • Webroot SecureAnywhere / Kaseya
    • Windows Defender
    • AVG
    • McAfee
    • BitDefender
    • F-Prot
    • ESET

SEP 14.2 setup

  • Licenses purchased
  • SEPM installed within Customer network
    • VM on VMWare infrastructure
    • Hosted
    • Single instance, not HA
  • SEPM Cloud not currently enrolled
  • Approx. 30 clients deployed as a pilot
  • Planning to deploy via Ivanti
  • Only deploying to desktops & laptops – not phones or tablets

I need to deliver the following:

  • Review and input into deployment strategy
  • SEPM configuration
    • Client grouping and mgmt.
    • Policy creation – how to build container
    • Location-based logic
    • Etc.
  • Removal of existing AV programs – best way to remove non-Symantec AV from 1500 machines
    • Options available, testing and package-building
  • SEP Cloud – pros & cons of enabling and best practices

Symantec End Point

I need a solution

Hi

I have a basic question – I am pretty new to Symantec and trying to move away from McAfee and deploy SEP.

Can I deploy sub-agents at my MPLS locations and install the server at HO, so that updates happen between the server and the sub-agents during night time, and then all clients take updates from the sub-agents deployed at each location so that the update happens within the LAN only?

If yes, which product should I go for?

Thanks

Ash


Smarts MPLS: Monitoring continues to poll for instances that have been removed in MPLS Topology Domain.

Article Number: 494351

Article Title and Link for Registered Users: Smarts MPLS: Monitoring continues to poll for instances that have been removed in MPLS Topology Domain.

Affected Product(s): Smarts MPLS Manager

Article Summary: Smarts MPLS Monitoring may continue to poll for instances that have been removed in MPLS Topology Domain. In an environment subject to a large number of changes to the MPLS topology you may note: 1. A slight increase in network, CPU and memory utilization …

Article Last Updated: January 26, 2017

Please note that this abstract is machine-generated. Registered users should click the above link to view the entire knowledge article from Dell EMC Online Support, otherwise please contact Dell EMC Customer Service for further assistance.
