Published: 12/03/2016 Updated: 03/12/2016

CVSS v2 Base Score: 4.6 | Impact Score: 6.9 | Exploitability Score: 3.2

CVSS v3 Base Score: 5.3 | Impact Score: 3.6 | Exploitability Score: 1.6

VMScore: 409

Vector: AV:A/AC:H/Au:N/C:N/I:N/A:C

Cisco IOS XR up to and including 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote malicious users to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios_xr 4.0.3
cisco ios_xr 3.8.2
cisco ios_xr 4.2.0
cisco ios_xr 3.9.2
cisco ios_xr 4.2.1
cisco ios_xr 3.8.4
cisco ios_xr 3.4.3
cisco ios_xr 4.0.1
cisco ios_xr 3.5.4
cisco ios_xr 3.5.3
cisco ios_xr 3.6.0
cisco ios_xr 3.6.3
cisco ios_xr 3.9.1
cisco ios_xr 3.4.2
cisco ios_xr 3.4.1
cisco ios_xr 3.6.2
cisco ios_xr 3.6.1
cisco ios_xr 4.2.3
cisco ios_xr 4.2.2
cisco ios_xr 4.3.0
cisco ios_xr 3.5.2
cisco ios_xr 3.8.1
cisco ios_xr 3.8.0
cisco ios_xr 3.7.0
cisco ios_xr 3.7.1
cisco ios_xr 4.0.0
cisco ios_xr 4.2.4
cisco ios_xr 4.3.2
cisco ios_xr 4.3.1
cisco ios_xr 3.9.0
cisco ios_xr 4.1.1
cisco ios_xr 4.1.0
cisco ios_xr 3.3.3
cisco ios_xr 4.1.2

A vulnerability in the ASIC UDP ingress receive function of Cisco Gigabit Switch Router (GSR) 12000 Series Routers could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition when one line card in the router unexpectedly restarts The vulnerability is due to improper input validation for the presence of a B ...

CWE-399 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr http://www.securitytracker.com/id/1035314 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr

CVE-2016-1361

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect