CVE-2016-6415

Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. contains an information disclosure vulnerability in the Internet Key Exchange version 1 (IKEv1) that could allow an attacker to retrieve memory contents. Successful exploitation could allow the attacker to retrieve memory contents, which can lead to information disclosure. Vendor/Product: Cisco IOS, IOS XR, and IOS XE. Added to CISA KEV 2023-05-19; required action: Apply updates per vendor instructions.