PT-2016-4783 · Cisco · Cisco Ios Xr

Published

2016-09-14

Updated

2017-07-30

CVE-2016-1433

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Cisco IOS XR versions 6.0 through 6.0.1

Description The issue is caused by insufficient logic in the processing of crafted OSPFv3 packets, allowing an unauthenticated, remote attacker to cause a reload of the OSPFv3 process. This results in a limited denial of service (DoS) condition on an affected device. An attacker could exploit this by sending crafted OSPFv3 packets to be processed by an affected device.

Recommendations For Cisco IOS XR versions 6.0 through 6.0.1, update to a newer version that addresses this issue, as software updates have been released by Cisco.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2016-1433

Affected Products

Cisco Ios Xr

PT-2016-4783 · Cisco · Cisco Ios Xr

CVE-2016-1433

Weakness Enumeration

Related Identifiers

Affected Products

References · 5