Vulnerable Products:
This vulnerability affects the following Cisco products if they have the TWAMP server feature enabled:
IOS Software is affected with or without debugs enabled.
IOS XE Software Releases 16.6.1 through 17.2.3 are affected only if the debug command debug ip sla trace twamp connection is active. All other releases (up to the first fixed release) do not require debugs to be enabled to be affected by this vulnerability.
IOS XR Software is affected only if the debug command debug ipsla trace twamp connection is active.
For information about which Cisco software releases are vulnerable, see the Fixed Software section of this advisory.
Determine the TWAMP Server Configuration
Cisco IOS and Cisco IOS XE Software
To determine whether the TWAMP server is enabled on a device, use the show running-config | include ip sla server twamp CLI command. If the TWAMP server feature is enabled, the device is affected by this vulnerability.
The following example shows the output for a device that has the TWAMP server enabled:
Router#show running-config | include ip sla server twamp
ip sla server twamp
Router#
If the command returns no output or an error, the device is not affected.
To determine whether the TWAMP debugs are enabled on a device that is running Cisco IOS XE Software, use the show debug | include TWAMP Server Connection TRACE CLI command.
The following example shows the output for a device that has the IP SLA debugs enabled:
Router#show debug | include TWAMP Server Connection TRACE
IPPM TWAMP Server Connection TRACE debug all
Router#
If the command returns no output or an error, the device does not have the debugs enabled.
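The Cisco IOS and IOS XE checks above can also be run offline against saved command output. The following is an added example, not Cisco's code. The function names, the sample captures and the handling of release letters are assumptions, and it does not compare the release against the Fixed Software section.

```python
import re

# Config line the advisory's "show running-config | include" check looks for.
TWAMP_SERVER = re.compile(r"^\s*ip sla server twamp\s*$", re.MULTILINE)
# String the advisory filters "show debug" output on (IOS XE).
TWAMP_DEBUG = "TWAMP Server Connection TRACE"
# IOS XE releases that are affected only while the debug is active.
DEBUG_ONLY = ((16, 6, 1), (17, 2, 3))

def xe_release(text):
    """'16.10.1a' -> (16, 10, 1). Assumption: rebuild letters are ignored."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", (text or "").strip())
    if not m:
        raise ValueError(f"unrecognised IOS XE release: {text!r}")
    return tuple(int(part) for part in m.groups())

def assess(platform, running_config, show_debug="", release=None):
    """Return (meets_conditions, reason) for platform 'ios' or 'iosxe'."""
    if not TWAMP_SERVER.search(running_config):
        return False, "TWAMP server not enabled"
    if platform == "ios":
        return True, "TWAMP server enabled; debug state does not matter on IOS"
    if platform != "iosxe":
        raise ValueError(f"unsupported platform: {platform!r}")
    low, high = DEBUG_ONLY
    # Compare as integer tuples: as strings, "16.10.1" sorts before "16.6.1".
    if low <= xe_release(release) <= high:
        if TWAMP_DEBUG in show_debug:
            return True, "TWAMP server enabled and TWAMP connection debug active"
        return False, "TWAMP server enabled but TWAMP connection debug not active"
    return True, "TWAMP server enabled; release does not need the debug"

# Constructed sample captures (not from a real device).
SAMPLE_CONFIG = "hostname Router\nip sla server twamp\n!\n"
SAMPLE_DEBUG = "IPPM TWAMP Server Connection TRACE debug all\n"

if __name__ == "__main__":
    for platform, debug, release in [
        ("ios", "", None),
        ("iosxe", "", "16.10.1a"),
        ("iosxe", SAMPLE_DEBUG, "16.10.1a"),
        ("iosxe", "", "16.1.1"),
    ]:
        print(platform, release, assess(platform, SAMPLE_CONFIG, debug, release))
```

A True result means the configuration meets the advisory's conditions; the release still has to be checked against the first fixed release.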
Cisco IOS XR Software
To determine whether the TWAMP server is enabled on a device, use the show running-config ipsla server twamp CLI command. If the TWAMP server feature is enabled, the device is affected by this vulnerability.
The following example shows the output...
CVSS Base Score: 8.6 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)