Rockwell Automation Stratix Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service (CVE-2016-1344)

medium Tenable OT Security Plugin ID 501808

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A vulnerability in the Internet Key Exchange (IKE) version 2 (v2) fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to an improper handling of crafted, fragmented IKEv2 packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to cause a reload of the affected system.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Rockwell Automation has provided a new firmware version, Version 15.6.3, to mitigate these vulnerabilities.

See Rockwell Automation's security advisory for more information.

See Also

http://www.nessus.org/u?aac4e3b7

http://www.nessus.org/u?141f2981

http://www.nessus.org/u?c7bf8ef2

Plugin Details

Severity: Medium

ID: 501808

Version: 1.1

Type: remote

Family: Tenable.ot

Published: 11/15/2023

Updated: 11/16/2023

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.1

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2016-1344

CVSS v3

Risk Factor: Medium

Base Score: 5.9

Temporal Score: 5.2

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/h:rockwellautomation:allen-bradley_stratix_5900_industrial_managed_ethernet_switch

Required KB Items: Tenable.ot/Rockwell

Exploit Ease: No known exploits are available

Patch Publication Date: 3/25/2016

Vulnerability Publication Date: 3/25/2016

Reference Information

CVE: CVE-2016-1344

CWE: 755