The vulnerability is due to a specific TCP port listening on the local management port when it should have been internal only. An attacker could exploit this vulnerability by sending a continuous stream of TCP traffic to the targeted device on the specific TCP port. An exploit could allow the attacker to cause the controller card to unexpectedly reset. The user traffic is not impacted; however, the management port traffic could be briefly disrupted.
There are workarounds that address this vulnerability.
This advisory is available at the following link:
http://ift.tt/2gCuiGc
The vulnerability is due to a specific TCP port listening on the local management port when it should have been internal only. An attacker could exploit this vulnerability by sending a continuous stream of TCP traffic to the targeted device on the specific TCP port. An exploit could allow the attacker to cause the controller card to unexpectedly reset. The user traffic is not impacted; however, the management port traffic could be briefly disrupted.
There are workarounds that address this vulnerability.
This advisory is available at the following link:
http://ift.tt/2gCuiGc
Security Impact Rating: Medium
CVE: CVE-2016-9211
from Cisco Security Advisory http://ift.tt/2gCuiGc
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.