CVE-2016-1407

Name of the Vulnerable Software and Affected Versions Cisco IOS XR versions 5.3.2 and earlier

Description The issue is due to improper handling of Local Packet Transport Services (LPTS) flow-base entries. This can cause too many known entries for a protocol to be created, leading to existing or new sessions being dropped. An attacker could exploit this by sending continuous connection attempts to open TCP ports, causing an exhaustion of services and resulting in a limited denial of service (DoS) condition.

Recommendations For Cisco IOS XR versions 5.3.2 and earlier, update to a version that addresses this issue, as software updates have been released by Cisco to fix the vulnerability. At the moment, there is no information about other workarounds that could mitigate this issue.