Vulnerabilities > CVE-2016-9205 - Resource Management Errors vulnerability in Cisco IOS XR 6.1.1

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

cisco

CWE-399

NVD

Published: 2016-12-14

Updated: 2017-01-04

Summary

A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash, resulting in a denial of service (DoS) condition. More Information: CSCvb14425. Known Affected Releases: 6.1.1.BASE. Known Fixed Releases: 6.1.2.6i.MGBL 6.1.22.9i.MGBL 6.2.1.14i.MGBL.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS XR 6.1.1	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-xr
http://www.securityfocus.com/bid/94813