Vulnerability Description
A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected reload of the Network Processing Unit (NPU) process. More Information: CSCva84552. Known Affected Releases: 20.0.0 21.0.0 21.0.M0.64702. Known Fixed Releases: 21.0.0 21.0.0.65256 21.0.M0.64970 21.0.V0.65150 21.1.A0.64973 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.VC0.65203.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Asr 5000 Series Software | 20.0.0 |
| Cisco | Asr 5000 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/94772Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037416Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- http://www.securityfocus.com/bid/94772Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037416Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
FAQ
What is CVE-2016-6467?
CVE-2016-6467 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected reloa...
How severe is CVE-2016-6467?
CVE-2016-6467 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-6467?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Asr 5000 Series Software, Cisco Asr 5000.