Denial of Service Issue in Cisco IOS Software for IKEv2 Implementation
CVE-2016-1344

5.9MEDIUM

Key Information:

Vendor

Cisco
Status
Ios Xe
X14j Firmware
Opensolaris
Gs1900-10HP Firmware
Vendor
CVE Published:
26 March 2016

What is CVE-2016-1344?

A vulnerability in the Internet Key Exchange version 2 (IKEv2) implementation of Cisco IOS software allows attackers to remotely trigger a denial of service. By sending specially crafted fragmented packets, an attacker can cause affected devices to reload, interrupting network services and potentially impacting connected users. This issue primarily affects Cisco IOS versions 15.0 through 15.6 and IOS XE 3.3 through 3.17.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://www.securitytracker.com/id/1035382
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/85311
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.