CVE-2016-1378

Name of the Vulnerable Software and Affected Versions Cisco IOS versions prior to 15.2(2)E1

Description The issue is related to a lack of protection for service data in the Cisco IOS operating system. It allows a remote attacker to obtain potentially sensitive software-version information by sending a request to the "Network Mobility Services Protocol" port.

Recommendations For versions prior to 15.2(2)E1, update to version 15.2(2)E1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Network Mobility Services Protocol port until a patch is available.