CVE-2016-1361

Published: 12/03/2016 Updated: 03/12/2016

CVSS v2 Base Score: 4.6 | Impact Score: 6.9 | Exploitability Score: 3.2

CVSS v3 Base Score: 5.3 | Impact Score: 3.6 | Exploitability Score: 1.6

VMScore: 409

Vector: AV:A/AC:H/Au:N/C:N/I:N/A:C

Cisco IOS XR up to and including 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote malicious users to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios xr 3.3.3
cisco ios xr 3.4.1
cisco ios xr 3.4.2
cisco ios xr 3.4.3
cisco ios xr 3.5.2
cisco ios xr 3.5.3
cisco ios xr 3.5.4
cisco ios xr 3.6.0
cisco ios xr 3.6.1
cisco ios xr 3.6.2
cisco ios xr 3.6.3
cisco ios xr 3.7.0
cisco ios xr 3.7.1
cisco ios xr 3.8.0
cisco ios xr 3.8.1
cisco ios xr 3.8.2
cisco ios xr 3.8.4
cisco ios xr 3.9.0
cisco ios xr 3.9.1
cisco ios xr 3.9.2
cisco ios xr 4.0.0
cisco ios xr 4.0.1
cisco ios xr 4.0.3
cisco ios xr 4.1.0
cisco ios xr 4.1.1
cisco ios xr 4.1.2
cisco ios xr 4.2.0
cisco ios xr 4.2.1
cisco ios xr 4.2.2
cisco ios xr 4.2.3
cisco ios xr 4.2.4
cisco ios xr 4.3.0
cisco ios xr 4.3.1
cisco ios xr 4.3.2

A vulnerability in the ASIC UDP ingress receive function of Cisco Gigabit Switch Router (GSR) 12000 Series Routers could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition when one line card in the router unexpectedly restarts The vulnerability is due to improper input validation for the presence of a B ...

CWE-399 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr http://www.securitytracker.com/id/1035314 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr

CVE-2016-1361

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect