vulnerability

Cisco IOS: CVE-2016-6393: Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:N/I:N/A:C)	2016-10-05	2016-10-20	2023-08-10

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:C)

Published

2016-10-05

Added

2016-10-20

Modified

2023-08-10

Description

The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service (device reload) via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka Bug ID CSCuy87667.

Solution

cisco-ios-upgrade-latest

References

BID-93196
CVE-2016-6393
https://attackerkb.com/topics/CVE-2016-6393
DISA_SEVERITY-Category I
IAVM-2016-A-0268
IAVM-2016-A-0269
URL-https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-aaados

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today