Advisory ID: cisco-sa-20160914-ios-xe Severity: Medium First Published: 2016-09-14 16:00 GMT CVE ID: CVE-2016-6403 CWE ID: CWE-399 Cisco Bug IDs: CSCuy82904, CSCuy82909, CSCuy82912 CVSS Score: Base 4.3, Temporal 3.6 Summary: - A vulnerability in the Data in Motion (DMo) application can allow an unauthenticated, remote attacker to cause a denial of service (DoS) in the DMo process due to insufficient input validation. - Attackers can exploit this by sending a specially crafted packet. - No workarounds are available. Affected Products: - Cisco IOS and IOS XE Software with the IOx feature set. - No other Cisco products are affected. Workarounds: None available. Fixed Software: Available through the Cisco Bug Search Tool. Exploitation and Public Announcements: No public announcements or malicious use reported. URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ios-xe