PT-2016-1575 · Cisco · Cisco Ios

Published: 2016-03-23 · Updated: 2022-07-28 · CVE-2016-1347

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Cisco IOS versions 15.1 through 15.5

Description

The vulnerability in the Wide Area Application Services (WAAS) Express implementation allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment. This is due to insufficient validation of TCP segments. An attacker could exploit this vulnerability by routing a crafted TCP segment through an affected device, causing the device to reload. The WAAS Express feature must be enabled on the interface, typically a WAN interface, for the vulnerability to be exploited. In most deployments, this means crafted traffic must be initiated from within a device to exploit the vulnerability.

Recommendations

For Cisco IOS versions 15.1 through 15.5, update to a newer version that includes the fix for this vulnerability. As a temporary workaround, consider disabling the WAAS Express feature on the WAN interface until a patch is available. Restrict access to the vulnerable interface to minimize the risk of exploitation.

Fix

DoS

Weakness Enumeration

Related Identifiers

BDU:2016-00876
CVE-2016-1347

Affected Products

Cisco Ios