Test Kennung:	1.3.6.1.4.1.25623.1.0.106317
Kategorie:	CISCO
Titel:	Cisco IOS XE Software AAA Login Denial of Service Vulnerability
Zusammenfassung:	A vulnerability in the Authentication, Authorization, and Accounting (AAA);service for remote Secure Shell Host (SSH) connections to the device for Cisco IOS XE Software could allow an;unauthenticated, remote attacker to cause the vulnerable device to reload.
Beschreibung:	Summary: A vulnerability in the Authentication, Authorization, and Accounting (AAA) service for remote Secure Shell Host (SSH) connections to the device for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the vulnerable device to reload. Vulnerability Insight: The vulnerability is due to an error log message when a remote SSH connection to the device fails AAA authentication. An attacker could exploit this vulnerability by attempting to authenticate to the targeted device. Vulnerability Impact: An exploit could allow the attacker to cause a denial of service (DoS) condition. Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6393 BugTraq ID: 93196 http://www.securityfocus.com/bid/93196 Cisco Security Advisory: 20160928 Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-aaados https://ics-cert.us-cert.gov/advisories/ICSA-16-287-04 http://www.securitytracker.com/id/1036914
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.