CVE-2016-1344

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 15.0 through 15.6 Cisco IOS XE versions 3.3 through 3.17

Description The issue is related to an improper handling of crafted, fragmented IKEv2 packets in the Internet Key Exchange (IKE) version 2 (v2) fragmentation code of Cisco IOS and IOS XE Software. This could allow an unauthenticated, remote attacker to cause a reload of the affected system by sending crafted UDP packets. The vulnerability can be triggered by both IPv4 and IPv6 traffic. Only traffic directed to the affected system can be used to exploit this vulnerability.

Recommendations For Cisco IOS versions 15.0 through 15.6, update to a version that includes the fix for this issue. For Cisco IOS XE versions 3.3 through 3.17, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the affected system to minimize the risk of exploitation.