Vulnerability Description
Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios Xr | 3.3.3 |
| Cisco | Xr 12404 | All versions |
| Cisco | Xr 12406 | All versions |
| Cisco | Xr 12410 | All versions |
| Cisco | Xr 12416 | All versions |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securitytracker.com/id/1035314
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securitytracker.com/id/1035314
FAQ
What is CVE-2016-1361?
CVE-2016-1361 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to ...
How severe is CVE-2016-1361?
CVE-2016-1361 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-1361?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios Xr, Cisco Xr 12404, Cisco Xr 12406, Cisco Xr 12410, Cisco Xr 12416.