CVE-2016-6409

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 15.6(1)T and earlier Cisco IOS XE (affected versions not specified)

Description The issue is related to insufficient bounds checks in the Data in Motion (DMo) component when the IOx feature set is enabled. This allows remote attackers to cause a denial of service (out-of-bounds access) via crafted traffic. An attacker could exploit this by sending crafted traffic to a targeted system, potentially causing a partial denial of service condition for the DMo process.

Recommendations For Cisco IOS version 15.6(1)T, update to a newer version that includes the fix for this issue. For Cisco IOS XE, update to a version that includes the fix for this issue, as no specific version is provided. As a temporary workaround, consider restricting access to the DMo component until a patch is available.