SB2016100522 - Denial of service in Cisco 800 Series Routers
Published: October 5, 2016 Updated: April 5, 2018
Security Bulletin ID
SB2016100522
CSH Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Denial of service (CVE-ID: CVE-2016-6423)
CWE-ID: CWE-399 - Resource Management Errors
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote unauthenticated user to cause DoS conditions on the target system.
The weakness is caused by insufficient validation of input as Internet Key Exchange version 2 (IKEv2) packets. By returning specially crafted packets to the affected device attackers force the victim to connect with IKEv2 server that allows them to trigger the system reload.
Successful exploitation of the vulnerability results in denial of service on the vulnerable system.
Remediation
Install update from vendor's website.