Cisco Event Response Page
Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication
-
Cisco released its semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication on September 28, 2016. In direct response to customer feedback, Cisco releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of the month in March and September of each calendar year.
The September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication includes 10 Cisco Security Advisories that describe 11 vulnerabilities in Cisco IOS and IOS XE Software. Cisco has confirmed that none of the vulnerabilities exist in Cisco IOS XR Software or Cisco NX-OS Software.
Seven of the advisories describe vulnerabilities that are common to both Cisco IOS and IOS XE Software. One advisory describes a vulnerability that exists only in Cisco IOS Software. Two other advisories describe vulnerabilities that exist only in Cisco IOS XE Software. All the vulnerabilities have a Security Impact Rating of “High.” Exploits of the individual vulnerabilities could result in a denial of service (DoS) condition or a memory leak.
To quickly determine if a specific Cisco IOS or IOS XE Software release is exposed to Cisco product vulnerabilities, use the Cisco IOS Software Checker.
-
The following table identifies Cisco Security content associated with this Cisco IOS and IOS XE Software Security Advisory Bundled Publication:
Related Resources
Cisco Security Vulnerability Policy
MITRE Common Vulnerabilities and Exposures
Common Vulnerability Scoring System and the Security Impact Rating
Common Vulnerability Scoring System Q & A
Cisco IPS Signature Downloads
Cisco IOS OVAL Content: Frequently Asked Questions