Vulnerability identifier: #VU942

Vulnerability risk: Low

CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2016-6438

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco IOS
Operating systems & Components / Operating system

Vendor: Cisco Systems, Inc

Description
The vulnerability allows a remote unauthenticated user to cause a configuration integrity change on the target device.
The vulnerability is due to a logic processing error. As the affected device is configured with the Downstream Resiliency and Downstream Resiliency Bonding Group features attackers can establish Telnet or SSH connections and trigger an integrity issue with the vty line configuration.
Successful exploitation of the vulnerability will result in a configuration integrity change to the vty line configuration.

Mitigation
Update to fixed versions
15.6(1.7)SP1;
16.4(0.183);
16.5(0.1).

Vulnerable software versions

Cisco IOS: 15.5.3 S2.9 - 15.6.2 SP

---

External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-cbr-8

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.