CVE-2016-9216

CWE-3994 documents4 sources

Severity

5.3MEDIUM

EPSS

0.5%

top 34.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco ASR 5000 Series Software

Timeline

PublishedJan 26

Latest updateMay 17

Description

An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attacker to cause the ipsecmgr process to reload. More Information: CSCuy06917 CSCuy45036 CSCuy59525. Known Affected Releases: 20.0.0 20.0.M0.62842 20.0.v0 20.0.M0.63229 20.1.0 20.1.a0 20.1.v0 21.0.0 21.0.v0. Known Fixed Releases: 20.0.0 20.0.0.63250 20.0.M0.63148 20.0.R0.63294 20.0.R0.63316 20.0.V0.63170 20.0.VG0.63188 20.0.v0 20.0.v0.64175 20.0.vg0.635…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5cisco_asr_5000_softwareCisco ASR 5000 Software

▶NVDcisco/asr_5000_series_software8 versions+7

🔴Vulnerability Details

GHSA

GHSA-mjwr-2f4h-2wmg: An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attack↗2022-05-17

▶

CVEList

CVE-2016-9216: An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attack↗2017-01-26

▶

📋Vendor Advisories

Cisco

Cisco ASR 5000 Software ipsecmgr Process IKE Packet Parsing Denial of Service Vulnerability↗2017-01-18

▶