CVE-2017-6729

Name: CVE-2017-6729
Creator: NVD / NIST
Published: 2017-07-10T20:29:00.547+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.30%

Last modified Jun 17, 2026

CVE-2017-6729 is a vulnerability of currently unknown severity. A vulnerability in the Border Gateway Protocol (BGP) processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core (VPC) Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reload, resulting in a denial of service (DoS) condition. This vulnerability affects the following products if they are running the Cisco StarOS operating system and BGP is enabled for the system: Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core Software. EPSS estimates a 2.30% chance of exploitation in the next 30 days.

Description

A vulnerability in the Border Gateway Protocol (BGP) processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core (VPC) Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reload, resulting in a denial of service (DoS) condition. This vulnerability affects the following products if they are running the Cisco StarOS operating system and BGP is enabled for the system: Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core Software. More Information: CSCvc44968. Known Affected Releases: 16.4.1 19.1.0 21.1.0 21.1.M0.65824. Known Fixed Releases: 21.3.A0.65902 21.2.A0.65905 21.1.b0.66164 21.1.V0.66014 21.1.R0.65898 21.1.M0.65894 21.1.0.66030 21.1.0.

Metrics

EPSS Probability

2.30%

81.0th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Cisco	Asr 5000 Software	16.4.1
Cisco	Asr 5000 Software	16.5.0
Cisco	Asr 5000 Software	16.5.2
Cisco	Asr 5000 Software	17.2.0
Cisco	Asr 5000 Software	17.2.0.59184
Cisco	Asr 5000 Software	17.3.0
Cisco	Asr 5000 Software	17.3.1
Cisco	Asr 5000 Software	17.3.9.62033
Cisco	Asr 5000 Software	17.3_base
Cisco	Asr 5000 Software	17.7.0
Cisco	Asr 5000 Software	17.7.5
Cisco	Asr 5000 Software	18.0.0
Cisco	Asr 5000 Software	18.0.0.57828
Cisco	Asr 5000 Software	18.0.0.59167
Cisco	Asr 5000 Software	18.0.0.59211
Cisco	Asr 5000 Software	18.0.l0.59219
Cisco	Asr 5000 Software	18.1.0
Cisco	Asr 5000 Software	18.1.0.59776
Cisco	Asr 5000 Software	18.1.0.59780
Cisco	Asr 5000 Software	18.1_base
Cisco	Asr 5000 Software	18.3.0
Cisco	Asr 5000 Software	18.3_base
Cisco	Asr 5000 Software	18.4.0
Cisco	Asr 5000 Software	19.0.1
Cisco	Asr 5000 Software	19.0.m0.60737
Cisco	Asr 5000 Software	19.0.m0.60828
Cisco	Asr 5000 Software	19.0.m0.61045
Cisco	Asr 5000 Software	19.1.0
Cisco	Asr 5000 Software	19.1.0.61559
Cisco	Asr 5000 Software	19.2.0
Cisco	Asr 5000 Software	19.3.0
Cisco	Asr 5000 Software	19.6.3
Cisco	Asr 5000 Software	19.6_base
Cisco	Asr 5000 Software	20.0.0
Cisco	Asr 5000 Software	20.0.1.0
Cisco	Asr 5000 Software	20.0.1.a0
Cisco	Asr 5000 Software	20.0.1.v0
Cisco	Asr 5000 Software	20.0.2.3
Cisco	Asr 5000 Software	20.0.2.3.65026
Cisco	Asr 5000 Software	20.0.2.v1
Cisco	Asr 5000 Software	20.0.m0.62842
Cisco	Asr 5000 Software	20.0.m0.63229
Cisco	Asr 5000 Software	20.0.v0
Cisco	Asr 5000 Software	20.1.v2
Cisco	Asr 5000 Software	20.1_base
Cisco	Asr 5000 Software	20.2.12
Cisco	Asr 5000 Software	20.2_base
Cisco	Asr 5000 Software	21.0.0
Cisco	Asr 5000 Software	21.0.v1
Cisco	Asr 5000 Software	21.0_base

Showing 50 of 52 affected configurations. See NVD for the full list.

References

http://www.securityfocus.com/bid/100015Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1038819Third Party Advisory, VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-starosVendor Advisory
http://www.securityfocus.com/bid/100015Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1038819Third Party Advisory, VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-starosVendor Advisory

Timeline

Published: Jul 10, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-6729?

How severe is CVE-2017-6729?

Severity scoring for CVE-2017-6729 is pending analysis. The EPSS model estimates a 2.30% probability of exploitation in the next 30 days.

How do I fix CVE-2017-6729?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-6729?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST