Cisco released a an advisory (CVE-2016-6415) regarding a vulnerability in IKEv1 that affect Cisco IOS, IOS XE and IOS XR software which could allow an unauthenticated malicious user to retrieve memory content leading to disclosure of confidential information
Note: Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.[1] The list of affected products is available here. This vulnerability is rated High by Cisco.
[1] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1
-----------
Guy Bruneau IPSS Inc.
Twitter: GuyBruneau
gbruneau at isc dot sans dot edu