Denial of Service Vulnerability in Cisco ASR 5000 Packet Data Network Gateway
CVE-2016-1436

7.5HIGH

Key Information:

Vendor

Cisco
Status
Asr 5000 Software
Vendor
CVE Published:
23 June 2016

What is CVE-2016-1436?

The General Packet Radio Switching Tunneling Protocol version 1 (GTPv1) implementation in the Cisco ASR 5000 Packet Data Network Gateway is susceptible to a denial of service attack. Attackers can exploit this vulnerability by sending specially crafted GTPv1 packets, resulting in the Session Manager process being restarted. This can disrupt the normal operation of the device, leading to potential service downtime and disruption of network connectivity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://www.securitytracker.com/id/1036152
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.