![licensing cisco ios xe software features asr 1001-x licensing cisco ios xe software features asr 1001-x](https://www.cisco.com/c/dam/en/us/products/collateral/routers/asr-1000-series-aggregation-services-routers/guide-c07-731639.docx/_jcr_content/renditions/guide-c07-731639_17.png)
- LICENSING CISCO IOS XE SOFTWARE FEATURES ASR 1001 X UPDATE
- LICENSING CISCO IOS XE SOFTWARE FEATURES ASR 1001 X FULL
OSPFv3 is not affected by this vulnerability. No other LSA type packets can trigger this vulnerability. This vulnerability can only be triggered by sending crafted unicast or multicast OSPF LSA type 1 packets. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router.
LICENSING CISCO IOS XE SOFTWARE FEATURES ASR 1001 X UPDATE
Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain.
![licensing cisco ios xe software features asr 1001-x licensing cisco ios xe software features asr 1001-x](https://s3.manualzz.com/store/data/018047678_1-9dccf97a2d5b8622d3e24d50310171a3.png)
The attacker could exploit this vulnerability by injecting crafted OSPF packets.
LICENSING CISCO IOS XE SOFTWARE FEATURES ASR 1001 X FULL
This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. This vulnerability affects Cisco DNA Center Software releases earlier than 1.3.0.6 and 1.3.1.4.ħ Adaptive Security Appliance Software, Ios, Ios Xe and 4 moreĬisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. To exploit this vulnerability, the attacker needs administrator credentials.
![licensing cisco ios xe software features asr 1001-x licensing cisco ios xe software features asr 1001-x](https://skminhaj.files.wordpress.com/2016/02/3920d-asr2b1002-x.jpg)
A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. An attacker could exploit this vulnerability by persuading a user to click a crafted link. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. A vulnerability in the web-based management interface of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.