A vulnerability was identified in the IKEv1 packet processing code of Cisco IOS, IOS XE and IOS XR Software. An attacker could exploit this vulnerability by sending specially crafted IKEv1 packets to an affected device configured to accept IKEv1 security negotiation requests. The IKE service may run on UDP ports 500, 848, 4500, or 4848.
All Cisco products running an affected release of
A complete list of the affected versions can be found in the "Affected Products" section of the Cisco Security Advisory available at:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1
A successful exploit could lead to information disclosure.
Patches for the vulnerability are still pending release from the product vendor. Administrators are advised to check whether their Cisco products and versions are affected and to monitor the product vendor's latest updates at:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1
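While patches are pending, one way to see which devices are actually receiving IKEv1 negotiation requests is to classify captured UDP payloads by their IKE header. The following is an added example, not part of the original advisory or any Cisco code; the function names, the constructed sample datagrams and the assumption that port 4848 carries the same 4-byte zero marker as port 4500 are illustrative.

```python
import struct
from collections import Counter

IKE_PORTS = {500, 848, 4500, 4848}   # UDP ports listed in the advisory
MARKER_PORTS = {4500, 4848}          # assumption: 4-byte zero non-ESP marker precedes IKE here
# ISAKMP header: cookies, next payload, version, exchange type, flags, message ID, length
ISAKMP_HDR = struct.Struct("!8s8sBBBBII")


def parse_ike(dst_port, payload):
    """Return (major_version, exchange_type, is_initial_request) or None if not IKE."""
    if dst_port not in IKE_PORTS:
        return None
    if dst_port in MARKER_PORTS:
        if payload[:4] != b"\x00" * 4:   # ESP-in-UDP or NAT keepalive, not IKE
            return None
        payload = payload[4:]
    if len(payload) < ISAKMP_HDR.size:
        return None
    _ic, r_cookie, _np, version, exchange, _fl, _mid, length = ISAKMP_HDR.unpack_from(payload)
    if length < ISAKMP_HDR.size:         # declared length cannot be shorter than the header
        return None
    # An all-zero responder cookie marks the first message of a negotiation.
    return version >> 4, exchange, r_cookie == b"\x00" * 8


def ikev1_request_targets(datagrams):
    """Count IKEv1 initial negotiation requests per (dst_ip, dst_port)."""
    hits = Counter()
    for dst_ip, dst_port, payload in datagrams:
        parsed = parse_ike(dst_port, payload)
        if parsed and parsed[0] == 1 and parsed[2]:
            hits[(dst_ip, dst_port)] += 1
    return hits


def make_header(version, exchange, responder_cookie=b"\x00" * 8):
    """Build a constructed 28-byte header for the sample data below."""
    return ISAKMP_HDR.pack(b"\x11" * 8, responder_cookie, 0, version, exchange, 0, 0, 28)


# Constructed sample traffic (documentation addresses, not a real capture).
SAMPLE = [
    ("192.0.2.1", 500, make_header(0x10, 2)),                 # IKEv1 Main Mode request
    ("192.0.2.1", 500, make_header(0x10, 2, b"\x22" * 8)),    # later IKEv1 message, not initial
    ("192.0.2.1", 4500, b"\x00" * 4 + make_header(0x10, 4)),  # IKEv1 Aggressive Mode via NAT-T
    ("192.0.2.2", 500, make_header(0x20, 34)),                # IKEv2 IKE_SA_INIT
    ("192.0.2.2", 4500, b"\xff"),                             # NAT keepalive
    ("192.0.2.3", 53, make_header(0x10, 2)),                  # not an IKE port
]
```

Devices that appear in the result of `ikev1_request_targets` are accepting IKEv1 traffic on the listed ports and are the ones to check against the vendor's affected-version list first.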
https://www.hkcert.org/my_url/en/alert/16091902
https://www.us-cert.gov/ncas/current-activity/2016/09/16/Cisco-Releases-Security-Updates
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6415