IOS
03-12-2019 03:04 PM - edited 03-13-2019 05:44 PM
Hi Team,
I have an ISR router running "isr4300-universalk9.03.16.04b.S.155-3.S4b-ext.SPA.bin". Below are the vulnerabilities found; can anyone suggest a solution for the same?
CVE-1999-0524 -- ICMP Timestamp Request
Labels: Routing
03-12-2019 03:44 PM
Hello,
You can block this traffic from internal to outside in your network.
You can use an ACL to block it:
Check this example for ICMP: https://community.cisco.com/t5/switching/acl-for-icmp/td-p/1053521
Check this example for NTP: https://community.cisco.com/t5/routing/restrict-ntp-access/td-p/861842
Regards
*** Rate All Helpful Responses ***
03-12-2019 03:52 PM
Thanks for the reply.
Can you please help me to know whether these vulnerabilities are hitting the running IOS?
03-12-2019 04:11 PM - edited 03-12-2019 04:13 PM
Hello,
ICMP is very dangerous for DDoS or DoS: a distributed denial-of-service, or DDoS, attack is the bombardment of simultaneous data requests to a central server. The attacker generates these requests from multiple compromised systems.
In doing so, the attacker hopes to exhaust the target's Internet bandwidth and RAM. The ultimate goal is to crash the target's system and disrupt its business.
Check it: https://www.cisco.com/c/en/us/products/security/what-is-a-ddos-attack.html
NTP: In summary, the attack is based on processing NTP Mode 7 requests from NTP clients that may elicit huge responses. While the requests are small (for example, in the case of Mode 7, the request is only 8 bytes long), the response can grow up to 5,500 times that size due to amplification.
All of these vulnerabilities can crash your router by consuming a lot of RAM, CPU and bandwidth.
If you have an NTP service configured on your router and you don't tune it, maybe you have a vulnerability.
If you have any interface UP/UP allowed to external (Internet), you can receive a DoS or DDoS attack.
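The two replies above recommend an ACL for the ICMP timestamp probe and tuning the NTP service, but neither shows the configuration. The following IOS config fragment is an added example written for this thread; it is not from either poster or from Cisco documentation. Interface name, ACL names, the 10.0.0.0/8 client range and the 192.0.2.10 upstream server are assumed for illustration. CVE-1999-0524 is an information-disclosure finding (the router answers ICMP timestamp requests, ICMP type 13, with type 14 replies), so the ACL simply drops both types at the Internet-facing interface while keeping the ICMP messages needed for path MTU discovery and traceroute. The NTP part restricts who can get time from the router and who it will synchronise with; `serve-only` answers time requests only, so mode 6/7 control queries from the permitted range are not served.

```cisco
! Added example, not part of the original thread. Names and addresses are assumed.
!
! 1. Drop ICMP timestamp request/reply (types 13/14) inbound on the Internet uplink.
!    An inbound interface ACL also filters packets addressed to the router itself,
!    so the router will no longer answer the scanner's timestamp probe.
ip access-list extended WAN-IN
 remark Block ICMP timestamp probes (CVE-1999-0524)
 deny   icmp any any timestamp-request
 deny   icmp any any timestamp-reply
 remark Keep PMTUD, traceroute and ping replies working
 permit icmp any any packet-too-big
 permit icmp any any time-exceeded
 permit icmp any any echo-reply
 remark Site-specific permits belong here; the final line is deliberately open
 remark so this example does not lock anyone out. Tighten it for production.
 permit ip any any
!
interface GigabitEthernet0/0/0
 description Internet uplink (assumed interface name)
 ip access-group WAN-IN in
!
! 2. Restrict NTP. With no ntp access-group configured, IOS serves time to and
!    accepts control queries from any source. Once any access-group is present,
!    only matching sources get the listed access type.
ip access-list standard NTP-CLIENTS
 remark Internal hosts that may ask this router for time (assumed range)
 permit 10.0.0.0 0.255.255.255
ip access-list standard NTP-PEERS
 remark Upstream server this router synchronises to (assumed address)
 permit host 192.0.2.10
!
ntp server 192.0.2.10
ntp access-group peer NTP-PEERS
ntp access-group serve-only NTP-CLIENTS
```

To verify: `show access-lists WAN-IN` should show hit counts on the two `deny icmp` lines when the scanner is re-run, and `show ntp status` should still report the router as synchronised to the upstream server. Re-scan afterwards; the ICMP timestamp finding should disappear because the probe is now dropped before the router answers it.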
03-12-2019 07:24 PM
Hi Jaderson Pessoa,
Thanks for the update.
I have checked the same vulnerabilities in the Cisco portal but couldn't find that these CVE IDs are hitting the running IOS. There are a lot of vulnerabilities present in the currently running version except the mentioned CVE IDs.
Can you please clarify the same?
03-13-2019 04:33 AM
As I said, if you have these services configured without any parameters, you have a possible problem.
Regards,
03-12-2019 04:15 PM
Thanks in advance.
