Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability
Vulnerability Description
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from establishing new security associations. The vulnerability is due to incorrect handling of crafted IKEv2 SA-Init packets. An attacker could exploit this vulnerability by sending crafted IKEv2 SA-Init packets to the affected device. An exploit could allow the attacker to cause the affected device to reach the maximum incoming negotiation limits and prevent further IKEv2 security associations from being formed.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco IOS和IOS XE 输入验证错误漏洞
Vulnerability Description
Cisco IOS和IOS XE都是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS Software和Cisco IOS XE Software中IKEv2的实现存在输入验证错误漏洞,该漏洞源于程序没有正确处理特制的IKEv2 SA-Init数据包。攻击者可利用该漏洞阻止IKEv2建立新的安全关联(SA)。
CVSS Information
N/A
Vulnerability Type
N/A