PT-2016-7699 · Cisco · Cisco Asr 5000 Series

Published

2016-12-14

Updated

2016-12-22

CVE-2016-9203

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Cisco ASR 5000 Series Software version 20.2.3

Description A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature could allow an unauthenticated, remote attacker to cause a reload of the ipsecmgr process.

Recommendations For Cisco ASR 5000 Series Software version 20.2.3, update to a fixed release such as 21.1.M0.65431, 21.1.PP0.65733, 21.1.R0.65467, 21.1.R0.65496, 21.1.VC0.65434, or 21.1.VC0.65489 to resolve the issue.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2016-9203

Affected Products

Cisco Asr 5000 Series

PT-2016-7699 · Cisco · Cisco Asr 5000 Series

CVE-2016-9203

Weakness Enumeration

Related Identifiers

Affected Products

References · 5