Cisco IOS XR Software HTTP 2.0 Request Handling Event Service Daemon Denial of Service Vulnerability (cisco-sa-20161207-ios-xr) CVE-2016-9205
- CVSSv3 Score
- Vulnerability description
A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash, resulting in a denial of service (DoS) condition.
- Risk description
The vulnerability is due to improper handling of HTTP requests. An attacker could exploit this vulnerability by sending malicious HTTP 2.0 requests to the targeted system. An exploit could allow the attacker to cause the emsd to crash.
See the referenced vendor advisory for a solution.
- Not available