Denial of Service Vulnerability in Cisco Carrier Routing System by Cisco
CVE-2016-6401

5.3MEDIUM

Key Information:

Vendor

Cisco
Status
Carrier Routing System
Vendor
CVE Published:
17 September 2016

What is CVE-2016-6401?

The Cisco Carrier Routing System 5.1 and 5.1.4 is susceptible to a denial of service vulnerability that can be exploited by an unauthenticated remote attacker. This vulnerability allows attackers to send specially crafted IPv6-over-MPLS packets, resulting in a line-card reload and service disruption. This affects the CRS Carrier Grade Services used within CRS-1 and CRS-3 devices, potentially compromising network availability and performance.

References

http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://www.securitytracker.com/id/1036830
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/92964
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.