At the time of publication, this vulnerability affected Cisco IOS XR Software release prior to 6.4.3, 6.6.3, 7.0.2 and 7.1.1, respectively, that have the IPsec process ipsec_mp or ipsec_pp running. Both IPsec processes are running in Cisco IOS XR Software by default.
See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.
Determine the Status of the IPsec Processes
Administrators can determine whether IPsec processes are running on a device by using the show processes | include ipsec command in the device CLI. The following example shows the output of this command on a device on which both IPsec processes are running:
RP/0/RP0/CPU0:ios#show processes | include ipsec
Thu Feb 27 13:42:05.618 UTC
222 5460 0K 20 Sleeping ipsec_mp 0
222 6055 0K 20 Sleeping ipsec_mp 0
222 6247 0K 20 Sleeping ipsec_mp 0
222 6258 0K 20 Sleeping ipsec_mp 0
222 6502 0K 20 Sleeping ipsec_mp 0
312 5461 0K 20 Sleeping ipsec_pp 0
312 6044 0K 20 Sleeping ipsec_pp 0
312 6220 0K 20 Sleeping ipsec_pp 0
312 6375 0K 20 Sleeping ipsec_pp 0
312 6824 0K 20 Sleeping ipsec_pp 0
If the command does not return any output, the IPsec processes are not running and the device is not vulnerable.
Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect Cisco IOS or IOS XE Software.