Vulnerability Details CVE-2016-1436
The General Packet Radio Switching Tunneling Protocol 1 (aka GTPv1) implementation on Cisco ASR 5000 Packet Data Network Gateway devices before 19.4 allows remote attackers to cause a denial of service (Session Manager process restart) via a crafted GTPv1 packet, aka Bug ID CSCuz46198.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.6%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2016-1436
-
cpe:2.3:a:cisco:asr_5000_software:17.2.0
-
cpe:2.3:a:cisco:asr_5000_software:17.2.0.59184
-
cpe:2.3:a:cisco:asr_5000_software:17.3.1
-
cpe:2.3:a:cisco:asr_5000_software:17.7.0
-
cpe:2.3:a:cisco:asr_5000_software:18.0.0
-
cpe:2.3:a:cisco:asr_5000_software:18.0.0.57828
-
cpe:2.3:a:cisco:asr_5000_software:18.0.0.59167
-
cpe:2.3:a:cisco:asr_5000_software:18.0.0.59211
-
cpe:2.3:a:cisco:asr_5000_software:18.0.l0.59219
-
cpe:2.3:a:cisco:asr_5000_software:18.1.0
-
cpe:2.3:a:cisco:asr_5000_software:18.1.0.59776
-
cpe:2.3:a:cisco:asr_5000_software:18.1.0.59780
-
cpe:2.3:a:cisco:asr_5000_software:18.1_base
-
cpe:2.3:a:cisco:asr_5000_software:18.4.0
-
cpe:2.3:a:cisco:asr_5000_software:19.0.1
-
cpe:2.3:a:cisco:asr_5000_software:19.0.m0.60737
-
cpe:2.3:a:cisco:asr_5000_software:19.0.m0.60828
-
cpe:2.3:a:cisco:asr_5000_software:19.0.m0.61045
-
cpe:2.3:a:cisco:asr_5000_software:19.1.0
-
cpe:2.3:a:cisco:asr_5000_software:19.1.0.61559
-
cpe:2.3:a:cisco:asr_5000_software:19.2.0
-
cpe:2.3:a:cisco:asr_5000_software:19.3.0