cvelistv5 - cve-2016-6361

cve-2016-6361

Vulnerability from cvelistv5

Published

2016-08-22 10:00

Modified

2024-08-06 01:29

Severity ?

Summary

References

URL	Tags
ykramarz@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap	Vendor Advisory
ykramarz@cisco.com	http://www.securityfocus.com/bid/92508	Third Party Advisory, VDB Entry
ykramarz@cisco.com	http://www.securitytracker.com/id/1036648	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/92508	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036648	Third Party Advisory, VDB Entry

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:29:19.501Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms AMPDU Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap"
          },
          {
            "name": "92508",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/92508"
          },
          {
            "name": "1036648",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036648"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T20:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms AMPDU Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap"
        },
        {
          "name": "92508",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/92508"
        },
        {
          "name": "1036648",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036648"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-6361",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms AMPDU Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap"
            },
            {
              "name": "92508",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/92508"
            },
            {
              "name": "1036648",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036648"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2016-6361",
    "datePublished": "2016-08-22T10:00:00",
    "dateReserved": "2016-07-26T00:00:00",
    "dateUpdated": "2024-08-06T01:29:19.501Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:aironet_access_point_software:8.1\\\\(15.14\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56A62387-63C1-465E-B7C9-8AE336CC1C67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:aironet_access_point_software:8.1\\\\(112.3\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C399834-8DC2-4B81-B258-0F2DA7408277\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:aironet_access_point_software:8.1\\\\(112.4\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CEF360BC-B2C5-4DF4-8751-C1129A263243\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:aironet_access_point_software:8.1\\\\(131.0\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BEEB3E5A-354E-41DA-971C-03F7915FA947\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:aironet_access_point_software:8.2\\\\(100.0\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97863857-2CC6-4717-A59F-92F3B6604FDE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:aironet_access_point_software:8.2\\\\(102.43\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3CD7A011-854F-41A9-9C24-BF3769B1797E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:aironet_access_point_software:8.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B28C49B5-1B3D-4228-AE6A-83EC30D69515\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288.\"}, {\"lang\": \"es\", \"value\": \"La implementaci\\u00f3n de Aggregated MAC Protocol Data Unit (AMPDU) en dispositivos Cisco Aironet 1800, 2800 y 3800 con software en versiones anteriores a 8.2.121.0 y 8.3.x en versiones anteriores 8.3.102.0 permite a atacantes remotos causar una denegaci\\u00f3n de servicios (reinicio de dispositivo) a trav\\u00e9s de una cabecera AMPDU manipulado, tambi\\u00e9n conocido como Bug ID CSCuz56288.\"}]",
      "id": "CVE-2016-6361",
      "lastModified": "2024-11-21T02:55:58.763",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:A/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 6.1, \"accessVector\": \"ADJACENT_NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 6.5, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2016-08-22T10:59:10.043",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/92508\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1036648\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/92508\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1036648\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-6361\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2016-08-22T10:59:10.043\",\"lastModified\":\"2024-11-21T02:55:58.763\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288.\"},{\"lang\":\"es\",\"value\":\"La implementaci\u00f3n de Aggregated MAC Protocol Data Unit (AMPDU) en dispositivos Cisco Aironet 1800, 2800 y 3800 con software en versiones anteriores a 8.2.121.0 y 8.3.x en versiones anteriores 8.3.102.0 permite a atacantes remotos causar una denegaci\u00f3n de servicios (reinicio de dispositivo) a trav\u00e9s de una cabecera AMPDU manipulado, tambi\u00e9n conocido como Bug ID CSCuz56288.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":6.1,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":6.5,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:aironet_access_point_software:8.1\\\\(15.14\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56A62387-63C1-465E-B7C9-8AE336CC1C67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:aironet_access_point_software:8.1\\\\(112.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C399834-8DC2-4B81-B258-0F2DA7408277\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:aironet_access_point_software:8.1\\\\(112.4\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEF360BC-B2C5-4DF4-8751-C1129A263243\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:aironet_access_point_software:8.1\\\\(131.0\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEEB3E5A-354E-41DA-971C-03F7915FA947\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:aironet_access_point_software:8.2\\\\(100.0\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97863857-2CC6-4717-A59F-92F3B6604FDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:aironet_access_point_software:8.2\\\\(102.43\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CD7A011-854F-41A9-9C24-BF3769B1797E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:aironet_access_point_software:8.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B28C49B5-1B3D-4228-AE6A-83EC30D69515\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/92508\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036648\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/92508\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036648\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288. Cisco Aironet AccessPoints is a set of wireless access point devices from Cisco. A denial of service vulnerability exists in the AggregatedMACProtocolDataUnit (AMPDU) implementation in the Cisco Aironet AccessPoints platform. An attacker could exploit the vulnerability to send a device overload by sending a specially crafted AMPDU packet. Attackers can exploit this issue to reload the affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuz56288. Cisco Aironet 1800, 2800, and 3800 are all routers of Cisco (Cisco). The following devices and versions are affected: Cisco Aironet 1800, 2800, 3800, versions prior to 8.2.121.0 and versions 8.3.x prior to 8.3.102.0

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201608-0224",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "aironet access point software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.1\\(112.4\\)"
      },
      {
        "model": "aironet access point software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.2\\(102.43\\)"
      },
      {
        "model": "aironet access point software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.3.0"
      },
      {
        "model": "aironet access point software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.1\\(112.3\\)"
      },
      {
        "model": "aironet access point software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.2\\(100.0\\)"
      },
      {
        "model": "aironet access point software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.1\\(15.14\\)"
      },
      {
        "model": "aironet access point software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.1\\(131.0\\)"
      },
      {
        "model": "aironet access point software",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "8.3.x"
      },
      {
        "model": "aironet access point software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "8.3.102.0"
      },
      {
        "model": "aironet series access point",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "3800"
      },
      {
        "model": "aironet series access point",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "2800"
      },
      {
        "model": "aironet series access point",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "1800"
      },
      {
        "model": "aironet series access points",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "38000"
      },
      {
        "model": "aironet series access points",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "28000"
      },
      {
        "model": "aironet series access points",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "18000"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "38008.3.102.0"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "38008.2.121.0"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "28008.3.102.0"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "28008.2.121.0"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "18008.3.102.0"
      },
      {
        "model": "aironet series access points",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "18008.2.121.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-06435"
      },
      {
        "db": "BID",
        "id": "92508"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004433"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6361"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-336"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(15.14\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(100.0\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(102.43\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.3\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.4\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(131.0\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-6361"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "92508"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-336"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2016-6361",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Adjacent Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 6.1,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-6361",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2016-06435",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "VHN-95181",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-6361",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-6361",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-06435",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201608-336",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-95181",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2016-6361",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-06435"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95181"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-6361"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004433"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6361"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-336"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288. Cisco Aironet AccessPoints is a set of wireless access point devices from Cisco. A denial of service vulnerability exists in the AggregatedMACProtocolDataUnit (AMPDU) implementation in the Cisco Aironet AccessPoints platform. An attacker could exploit the vulnerability to send a device overload by sending a specially crafted AMPDU packet. \nAttackers can exploit this issue to reload the affected device, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCuz56288. Cisco Aironet 1800, 2800, and 3800 are all routers of Cisco (Cisco). The following devices and versions are affected: Cisco Aironet 1800, 2800, 3800, versions prior to 8.2.121.0 and versions 8.3.x prior to 8.3.102.0",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-6361"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004433"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-06435"
      },
      {
        "db": "BID",
        "id": "92508"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95181"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-6361"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-6361",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "92508",
        "trust": 2.7
      },
      {
        "db": "SECTRACK",
        "id": "1036648",
        "trust": 1.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004433",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-336",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-06435",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "34591",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-95181",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-6361",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-06435"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95181"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-6361"
      },
      {
        "db": "BID",
        "id": "92508"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004433"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6361"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-336"
      }
    ]
  },
  "id": "VAR-201608-0224",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-06435"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95181"
      }
    ],
    "trust": 1.16931034
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-06435"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:44:12.608000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20160817-aap",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160817-aap"
      },
      {
        "title": "Patch for CiscoAironetAccessPoints Platform Denial of Service Vulnerability (CNVD-2016-06435)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/80566"
      },
      {
        "title": "Cisco Aironet 1800 , 2800 and 3800 Repair measures for platform denial of service vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=63702"
      },
      {
        "title": "Cisco: Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms AMPDU Denial of Service Vulnerability",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160817-aap"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-06435"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-6361"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004433"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-336"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-95181"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004433"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6361"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://www.securityfocus.com/bid/92508"
      },
      {
        "trust": 2.2,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160817-aap"
      },
      {
        "trust": 1.2,
        "url": "http://www.securitytracker.com/id/1036648"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6361"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6361"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/34591"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/cisco/web/solutions/small_business/products/wireless/aironet_series_access_points/index.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/20.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-06435"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95181"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-6361"
      },
      {
        "db": "BID",
        "id": "92508"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004433"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6361"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-336"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-06435"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95181"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-6361"
      },
      {
        "db": "BID",
        "id": "92508"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004433"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6361"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-336"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-08-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-06435"
      },
      {
        "date": "2016-08-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-95181"
      },
      {
        "date": "2016-08-22T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-6361"
      },
      {
        "date": "2016-08-17T00:00:00",
        "db": "BID",
        "id": "92508"
      },
      {
        "date": "2016-08-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004433"
      },
      {
        "date": "2016-08-22T10:59:10.043000",
        "db": "NVD",
        "id": "CVE-2016-6361"
      },
      {
        "date": "2016-08-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201608-336"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-08-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-06435"
      },
      {
        "date": "2016-12-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-95181"
      },
      {
        "date": "2016-12-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-6361"
      },
      {
        "date": "2016-08-17T00:00:00",
        "db": "BID",
        "id": "92508"
      },
      {
        "date": "2016-08-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004433"
      },
      {
        "date": "2016-12-12T19:41:02.760000",
        "db": "NVD",
        "id": "CVE-2016-6361"
      },
      {
        "date": "2016-08-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201608-336"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "specific network environment",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-336"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Cisco Aironet Device software  Aggregated MAC Protocol Data Unit Service disruption in implementations  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004433"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-336"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2016-6361

Vulnerability from fkie_nvd

Published

2016-08-22 10:59

Modified

2024-11-21 02:55

Severity ?

6.5 (Medium) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/92508	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1036648	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/92508	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036648	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
cisco	aironet_access_point_software	8.1\(15.14\)
cisco	aironet_access_point_software	8.1\(112.3\)
cisco	aironet_access_point_software	8.1\(112.4\)
cisco	aironet_access_point_software	8.1\(131.0\)
cisco	aironet_access_point_software	8.2\(100.0\)
cisco	aironet_access_point_software	8.2\(102.43\)
cisco	aironet_access_point_software	8.3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(15.14\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "56A62387-63C1-465E-B7C9-8AE336CC1C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2C399834-8DC2-4B81-B258-0F2DA7408277",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CEF360BC-B2C5-4DF4-8751-C1129A263243",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(131.0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BEEB3E5A-354E-41DA-971C-03F7915FA947",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(100.0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "97863857-2CC6-4717-A59F-92F3B6604FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(102.43\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3CD7A011-854F-41A9-9C24-BF3769B1797E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28C49B5-1B3D-4228-AE6A-83EC30D69515",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288."
    },
    {
      "lang": "es",
      "value": "La implementaci\u00f3n de Aggregated MAC Protocol Data Unit (AMPDU) en dispositivos Cisco Aironet 1800, 2800 y 3800 con software en versiones anteriores a 8.2.121.0 y 8.3.x en versiones anteriores 8.3.102.0 permite a atacantes remotos causar una denegaci\u00f3n de servicios (reinicio de dispositivo) a trav\u00e9s de una cabecera AMPDU manipulado, tambi\u00e9n conocido como Bug ID CSCuz56288."
    }
  ],
  "id": "CVE-2016-6361",
  "lastModified": "2024-11-21T02:55:58.763",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-22T10:59:10.043",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/92508"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/92508"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1036648"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-hc4m-q63q-6fc3

Vulnerability from github

Published

2022-05-17 03:21

Modified

2022-05-17 03:21

Severity ?

6.5 (Medium) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-6361"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-08-22T10:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288.",
  "id": "GHSA-hc4m-q63q-6fc3",
  "modified": "2022-05-17T03:21:45Z",
  "published": "2022-05-17T03:21:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6361"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/92508"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1036648"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

gsd-2016-6361

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2016-6361

Aliases

CVE-2016-6361

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-6361",
    "description": "The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288.",
    "id": "GSD-2016-6361"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-6361"
      ],
      "details": "The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288.",
      "id": "GSD-2016-6361",
      "modified": "2023-12-13T01:21:23.162476Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2016-6361",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms AMPDU Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap"
          },
          {
            "name": "92508",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/92508"
          },
          {
            "name": "1036648",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1036648"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(15.14\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(100.0\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(102.43\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.3\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.4\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(131.0\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-6361"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Aggregated MAC Protocol Data Unit (AMPDU) implementation on Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.121.0 and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device reload) via a crafted AMPDU header, aka Bug ID CSCuz56288."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms AMPDU Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap"
            },
            {
              "name": "92508",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/92508"
            },
            {
              "name": "1036648",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1036648"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 6.5,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2016-12-12T19:41Z",
      "publishedDate": "2016-08-22T10:59Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2016-6361

Vulnerability from cvelistv5

var-201608-0224

Vulnerability from variot

fkie_cve-2016-6361

Vulnerability from fkie_nvd

ghsa-hc4m-q63q-6fc3

Vulnerability from github

gsd-2016-6361

Vulnerability from gsd

Tags

Sightings

Nomenclature