cvelistv5 - cve-2016-6379

CVE-2016-6379 (GCVE-0-2016-6379)

Vulnerability from cvelistv5 – Published: 2016-10-05 20:00 – Updated: 2024-08-06 01:29

Summary

Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://www.securitytracker.com/id/1036914	vdb-entryx_refsource_SECTRACK
	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO
	http://www.securityfocus.com/bid/93205	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:29:19.532Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036914",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036914"
          },
          {
            "name": "20160928 Cisco IOS and IOS XE Software IP Detail Record Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr"
          },
          {
            "name": "93205",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/93205"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-09-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-29T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1036914",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036914"
        },
        {
          "name": "20160928 Cisco IOS and IOS XE Software IP Detail Record Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr"
        },
        {
          "name": "93205",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/93205"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-6379",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036914",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036914"
            },
            {
              "name": "20160928 Cisco IOS and IOS XE Software IP Detail Record Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr"
            },
            {
              "name": "93205",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/93205"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2016-6379",
    "datePublished": "2016-10-05T20:00:00",
    "dateReserved": "2016-07-26T00:00:00",
    "dateUpdated": "2024-08-06T01:29:19.532Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)cx:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A4767D1-901D-407E-93A1-16FB664625DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)cy:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD0C5579-1AA6-4349-9AD3-76FD5A0B718B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)cy1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ECF2190B-7C8D-488A-8F6C-4A42D09663F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B0B3338-E4D5-4095-8974-71E53C331994\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch0a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EFF438B-7F65-44A8-BF90-A097A4A44F6C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0597C3A-B04E-4E9F-97C7-EC0E42D78DC4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF83DC52-FDEE-4E97-BB36-31EF62288FE1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch2a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AB1EE42-D488-4394-95A3-03028CFFA221\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F47A48B7-7BA9-42BA-828B-94715C72CAAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"437487D2-21F6-4040-B089-801289F1726F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6820C62D-C013-4792-91B5-6CFBC199C4B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB86B21C-E12A-4ED7-93EC-6EAC3F3B85F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sci:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6429A720-E5FA-4D55-B7A5-ABECF7315F64\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sci1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F711597B-2972-4E92-93EC-14B680B3E48D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sci1a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA6A802D-F4D3-4D97-8937-D47C2723A64F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sci3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"193415A6-6E8B-49AD-84A8-8F944360A617\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD803F59-1CD2-4CA9-9EB1-3CC4ABCD9547\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9247665-BBE7-4DEF-B97B-4981A0EA5CE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E61E0102-B9B6-41F4-9041-0A5F144D849A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"579C9E7F-6AE4-4DF5-ABCF-DB390E4669E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.14.4s:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A076E1F-3457-410A-8AB6-64416ECB20A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FAD93CD1-4188-40B7-A20E-9C3FE8344A27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EEAB7F8-EAB5-4E7A-8A1B-38EC16D601FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2972E680-5A19-4858-9B35-0B959ED319A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1BFE916-916F-4936-A331-21A0E8193920\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0EC9A19-26E6-4E69-B4E7-852CB6327EAD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.15.4s:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C5484A4-D116-4B79-8369-47979E20AACA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5568EABF-8F43-4A87-8DE4-A03E9065BE53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0E5BB91-B5E7-4961-87DC-26596E5EDED7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0ED5527C-A638-4E20-9928-099E32E17743\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:16.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A685A9A-235D-4D74-9D6C-AC49E75709CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:16.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43052998-0A27-4E83-A884-A94701A3F4CE\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.\"}, {\"lang\": \"es\", \"value\": \"Cisco IOS 12.2 e IOS XE 3.14 hasta la versi\\u00f3n 3.16 y 16.1 permiten a atacantes remotos provocar una denegaci\\u00f3n de servicio (recarga del dispositivo) a trav\\u00e9s de paquetes IP Detail Record (IPDR) manipulados, vulnerabilidad tambi\\u00e9n conocida como Bug ID CSCuu35089.\"}]",
      "id": "CVE-2016-6379",
      "lastModified": "2024-11-21T02:56:00.997",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2016-10-05T20:59:02.977",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/93205\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.securitytracker.com/id/1036914\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/93205\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1036914\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-6379\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2016-10-05T20:59:02.977\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.\"},{\"lang\":\"es\",\"value\":\"Cisco IOS 12.2 e IOS XE 3.14 hasta la versi\u00f3n 3.16 y 16.1 permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) a trav\u00e9s de paquetes IP Detail Record (IPDR) manipulados, vulnerabilidad tambi\u00e9n conocida como Bug ID CSCuu35089.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)cx:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A4767D1-901D-407E-93A1-16FB664625DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)cy:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD0C5579-1AA6-4349-9AD3-76FD5A0B718B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)cy1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECF2190B-7C8D-488A-8F6C-4A42D09663F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0B3338-E4D5-4095-8974-71E53C331994\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch0a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EFF438B-7F65-44A8-BF90-A097A4A44F6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0597C3A-B04E-4E9F-97C7-EC0E42D78DC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF83DC52-FDEE-4E97-BB36-31EF62288FE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch2a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AB1EE42-D488-4394-95A3-03028CFFA221\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F47A48B7-7BA9-42BA-828B-94715C72CAAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"437487D2-21F6-4040-B089-801289F1726F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6820C62D-C013-4792-91B5-6CFBC199C4B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sch6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB86B21C-E12A-4ED7-93EC-6EAC3F3B85F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sci:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6429A720-E5FA-4D55-B7A5-ABECF7315F64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sci1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F711597B-2972-4E92-93EC-14B680B3E48D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sci1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA6A802D-F4D3-4D97-8937-D47C2723A64F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(33\\\\)sci3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"193415A6-6E8B-49AD-84A8-8F944360A617\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD803F59-1CD2-4CA9-9EB1-3CC4ABCD9547\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9247665-BBE7-4DEF-B97B-4981A0EA5CE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E61E0102-B9B6-41F4-9041-0A5F144D849A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"579C9E7F-6AE4-4DF5-ABCF-DB390E4669E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.14.4s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A076E1F-3457-410A-8AB6-64416ECB20A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAD93CD1-4188-40B7-A20E-9C3FE8344A27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EEAB7F8-EAB5-4E7A-8A1B-38EC16D601FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2972E680-5A19-4858-9B35-0B959ED319A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BFE916-916F-4936-A331-21A0E8193920\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0EC9A19-26E6-4E69-B4E7-852CB6327EAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.15.4s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C5484A4-D116-4B79-8369-47979E20AACA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5568EABF-8F43-4A87-8DE4-A03E9065BE53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0E5BB91-B5E7-4961-87DC-26596E5EDED7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ED5527C-A638-4E20-9928-099E32E17743\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A685A9A-235D-4D74-9D6C-AC49E75709CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43052998-0A27-4E83-A884-A94701A3F4CE\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/93205\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://www.securitytracker.com/id/1036914\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/93205\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1036914\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2016-6379

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.

Aliases

CVE-2016-6379

Aliases

CVE-2016-6379

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-6379",
    "description": "Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.",
    "id": "GSD-2016-6379"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-6379"
      ],
      "details": "Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.",
      "id": "GSD-2016-6379",
      "modified": "2023-12-13T01:21:23.400806Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2016-6379",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1036914",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1036914"
          },
          {
            "name": "20160928 Cisco IOS and IOS XE Software IP Detail Record Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr"
          },
          {
            "name": "93205",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/93205"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci1a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)cy:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)cx:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)cy1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch2a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch0a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.4s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.4s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-6379"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20160928 Cisco IOS and IOS XE Software IP Detail Record Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr"
            },
            {
              "name": "93205",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/93205"
            },
            {
              "name": "1036914",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1036914"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2017-07-30T01:29Z",
      "publishedDate": "2016-10-05T20:59Z"
    }
  }
}

GHSA-MFX3-7CX6-R432

Vulnerability from github – Published: 2022-05-17 02:21 – Updated: 2022-05-17 02:21

Details

Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-6379"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-10-05T20:59:00Z",
    "severity": "HIGH"
  },
  "details": "Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.",
  "id": "GHSA-mfx3-7cx6-r432",
  "modified": "2022-05-17T02:21:50Z",
  "published": "2022-05-17T02:21:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6379"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/93205"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1036914"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2016-6379

Vulnerability from fkie_nvd - Published: 2016-10-05 20:59 - Updated: 2025-04-12 10:46

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/93205
psirt@cisco.com	http://www.securitytracker.com/id/1036914
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/93205
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036914

Impacted products

Vendor	Product	Version
cisco	ios	12.2\(33\)cx
cisco	ios	12.2\(33\)cy
cisco	ios	12.2\(33\)cy1
cisco	ios	12.2\(33\)sch
cisco	ios	12.2\(33\)sch0a
cisco	ios	12.2\(33\)sch1
cisco	ios	12.2\(33\)sch2
cisco	ios	12.2\(33\)sch2a
cisco	ios	12.2\(33\)sch3
cisco	ios	12.2\(33\)sch4
cisco	ios	12.2\(33\)sch5
cisco	ios	12.2\(33\)sch6
cisco	ios	12.2\(33\)sci
cisco	ios	12.2\(33\)sci1
cisco	ios	12.2\(33\)sci1a
cisco	ios	12.2\(33\)sci3
cisco	ios_xe	3.14.0s
cisco	ios_xe	3.14.1s
cisco	ios_xe	3.14.2s
cisco	ios_xe	3.14.3s
cisco	ios_xe	3.14.4s
cisco	ios_xe	3.15.0s
cisco	ios_xe	3.15.1cs
cisco	ios_xe	3.15.1s
cisco	ios_xe	3.15.2s
cisco	ios_xe	3.15.3s
cisco	ios_xe	3.15.4s
cisco	ios_xe	3.16.0cs
cisco	ios_xe	3.16.0s
cisco	ios_xe	16.1.1
cisco	ios_xe	16.1.2
cisco	ios_xe	16.1.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)cx:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A4767D1-901D-407E-93A1-16FB664625DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)cy:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD0C5579-1AA6-4349-9AD3-76FD5A0B718B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)cy1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF2190B-7C8D-488A-8F6C-4A42D09663F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B0B3338-E4D5-4095-8974-71E53C331994",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EFF438B-7F65-44A8-BF90-A097A4A44F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0597C3A-B04E-4E9F-97C7-EC0E42D78DC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF83DC52-FDEE-4E97-BB36-31EF62288FE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AB1EE42-D488-4394-95A3-03028CFFA221",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F47A48B7-7BA9-42BA-828B-94715C72CAAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch4:*:*:*:*:*:*:*",
              "matchCriteriaId": "437487D2-21F6-4040-B089-801289F1726F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6820C62D-C013-4792-91B5-6CFBC199C4B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB86B21C-E12A-4ED7-93EC-6EAC3F3B85F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci:*:*:*:*:*:*:*",
              "matchCriteriaId": "6429A720-E5FA-4D55-B7A5-ABECF7315F64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F711597B-2972-4E92-93EC-14B680B3E48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA6A802D-F4D3-4D97-8937-D47C2723A64F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci3:*:*:*:*:*:*:*",
              "matchCriteriaId": "193415A6-6E8B-49AD-84A8-8F944360A617",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD803F59-1CD2-4CA9-9EB1-3CC4ABCD9547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9247665-BBE7-4DEF-B97B-4981A0EA5CE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "E61E0102-B9B6-41F4-9041-0A5F144D849A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "579C9E7F-6AE4-4DF5-ABCF-DB390E4669E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A076E1F-3457-410A-8AB6-64416ECB20A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD93CD1-4188-40B7-A20E-9C3FE8344A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EEAB7F8-EAB5-4E7A-8A1B-38EC16D601FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "2972E680-5A19-4858-9B35-0B959ED319A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1BFE916-916F-4936-A331-21A0E8193920",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EC9A19-26E6-4E69-B4E7-852CB6327EAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C5484A4-D116-4B79-8369-47979E20AACA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*",
              "matchCriteriaId": "5568EABF-8F43-4A87-8DE4-A03E9065BE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0E5BB91-B5E7-4961-87DC-26596E5EDED7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ED5527C-A638-4E20-9928-099E32E17743",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A685A9A-235D-4D74-9D6C-AC49E75709CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "43052998-0A27-4E83-A884-A94701A3F4CE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089."
    },
    {
      "lang": "es",
      "value": "Cisco IOS 12.2 e IOS XE 3.14 hasta la versi\u00f3n 3.16 y 16.1 permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) a trav\u00e9s de paquetes IP Detail Record (IPDR) manipulados, vulnerabilidad tambi\u00e9n conocida como Bug ID CSCuu35089."
    }
  ],
  "id": "CVE-2016-6379",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-10-05T20:59:02.977",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/93205"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1036914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/93205"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036914"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2016-AVI-322

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Cisco IOS et Cisco IOS XE. Elles permettent à un attaquant de provoquer un déni de service et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	IOS XE	Cisco IOS XE versions 16.x
Cisco	IOS XE	Cisco IOS, voir sur le site du constructeur pour vérifier si votre système est vulnérable (cf. section Documentation)
Cisco	IOS XE	Cisco IOS XE versions 3.x

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20160928-frag du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-ios-ikev1 du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-cip du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-smi du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-msdp du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-dns du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-h323 du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-ipdr du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-h323 du 28 septembre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160928-msdp du 28 septembre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160928-cip du 28 septembre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160928-ios-ikev1 du 28 septembre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160928-ipdr du 28 septembre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160928-frag du 28 septembre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160928-dns du 28 septembre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160928-smi du 28 septembre 2016	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco IOS XE versions 16.x",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS, voir sur le site du constructeur pour v\u00e9rifier si votre syst\u00e8me est vuln\u00e9rable (cf. section Documentation)",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XE versions 3.x",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-6379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6379"
    },
    {
      "name": "CVE-2016-6385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6385"
    },
    {
      "name": "CVE-2016-6380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6380"
    },
    {
      "name": "CVE-2016-6386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6386"
    },
    {
      "name": "CVE-2016-6381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6381"
    },
    {
      "name": "CVE-2016-6382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6382"
    },
    {
      "name": "CVE-2016-6384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6384"
    },
    {
      "name": "CVE-2016-6391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6391"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-h323 du 28    septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-h323"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-msdp du 28    septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-msdp"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-cip du 28    septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-cip"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-ios-ikev1 du    28 septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-ipdr du 28    septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-frag du 28    septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-frag"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-dns du 28    septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-dns"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-smi du 28    septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-smi"
    }
  ],
  "reference": "CERTFR-2016-AVI-322",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-09-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eCisco IOS\u003c/span\u003e et \u003cspan class=\"textit\"\u003eCisco IOS\nXE\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Cisco IOS et IOS XE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-frag du 28 septembre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-ios-ikev1 du 28 septembre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-cip du 28 septembre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-smi du 28 septembre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-msdp du 28 septembre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-dns du 28 septembre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-h323 du 28 septembre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-ipdr du 28 septembre 2016",
      "url": null
    }
  ]
}

CERTFR-2016-AVI-322

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	IOS XE	Cisco IOS XE versions 16.x
Cisco	IOS XE	Cisco IOS, voir sur le site du constructeur pour vérifier si votre système est vulnérable (cf. section Documentation)
Cisco	IOS XE	Cisco IOS XE versions 3.x

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20160928-frag du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-ios-ikev1 du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-cip du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-smi du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-msdp du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-dns du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-h323 du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-ipdr du 28 septembre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160928-h323 du 28 septembre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160928-msdp du 28 septembre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160928-cip du 28 septembre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160928-ios-ikev1 du 28 septembre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160928-ipdr du 28 septembre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160928-frag du 28 septembre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160928-dns du 28 septembre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160928-smi du 28 septembre 2016	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco IOS XE versions 16.x",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS, voir sur le site du constructeur pour v\u00e9rifier si votre syst\u00e8me est vuln\u00e9rable (cf. section Documentation)",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco IOS XE versions 3.x",
      "product": {
        "name": "IOS XE",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-6379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6379"
    },
    {
      "name": "CVE-2016-6385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6385"
    },
    {
      "name": "CVE-2016-6380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6380"
    },
    {
      "name": "CVE-2016-6386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6386"
    },
    {
      "name": "CVE-2016-6381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6381"
    },
    {
      "name": "CVE-2016-6382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6382"
    },
    {
      "name": "CVE-2016-6384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6384"
    },
    {
      "name": "CVE-2016-6391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6391"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-h323 du 28    septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-h323"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-msdp du 28    septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-msdp"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-cip du 28    septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-cip"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-ios-ikev1 du    28 septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-ipdr du 28    septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-frag du 28    septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-frag"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-dns du 28    septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-dns"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-smi du 28    septembre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-smi"
    }
  ],
  "reference": "CERTFR-2016-AVI-322",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-09-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eCisco IOS\u003c/span\u003e et \u003cspan class=\"textit\"\u003eCisco IOS\nXE\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Cisco IOS et IOS XE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-frag du 28 septembre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-ios-ikev1 du 28 septembre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-cip du 28 septembre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-smi du 28 septembre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-msdp du 28 septembre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-dns du 28 septembre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-h323 du 28 septembre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160928-ipdr du 28 septembre 2016",
      "url": null
    }
  ]
}

CNVD-2016-08386

Vulnerability from cnvd - Published: 2016-10-08

Title

Cisco IOS and IOS XE Software拒绝服务漏洞（CNVD-2016-08386）

Description

Cisco IOS和IOS XE Software都是美国思科（Cisco）公司为其网络设备开发的操作系统。IP Detail Record（IPDR）是其中的一个提供详细网络信息记录的模块。 Cisco IOS和IOS XE Software中的IPDR代码存在拒绝服务漏洞。远程攻击者可通过发送特制的IPDR数据包利用该漏洞造成设备重载，导致拒绝服务。

Severity

高

Patch Name

Cisco IOS and IOS XE Software拒绝服务漏洞（CNVD-2016-08386）的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr

Reference

http://www.securityfocus.com/bid/93205

Impacted products

Name
['Cisco uBR10000 Series Universal Broadband Routers', 'Cisco uBR7225VXR Universal Broadband Routers', 'Cisco uBR7200 Series Universal Broadband Routers', 'Cisco cBR Series Converged Broadband Routers']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "93205"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-6379"
    }
  },
  "description": "Cisco IOS\u548cIOS XE Software\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u4e3a\u5176\u7f51\u7edc\u8bbe\u5907\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002IP Detail Record\uff08IPDR\uff09\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u63d0\u4f9b\u8be6\u7ec6\u7f51\u7edc\u4fe1\u606f\u8bb0\u5f55\u7684\u6a21\u5757\u3002\r\n\r\nCisco IOS\u548cIOS XE Software\u4e2d\u7684IPDR\u4ee3\u7801\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684IPDR\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u8bbe\u5907\u91cd\u8f7d\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a \r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-08386",
  "openTime": "2016-10-08",
  "patchDescription": "Cisco IOS\u548cIOS XE Software\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u4e3a\u5176\u7f51\u7edc\u8bbe\u5907\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002IP Detail Record\uff08IPDR\uff09\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u63d0\u4f9b\u8be6\u7ec6\u7f51\u7edc\u4fe1\u606f\u8bb0\u5f55\u7684\u6a21\u5757\u3002\r\n\r\nCisco IOS\u548cIOS XE Software\u4e2d\u7684IPDR\u4ee3\u7801\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684IPDR\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u8bbe\u5907\u91cd\u8f7d\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco IOS and IOS XE Software\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-08386\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco uBR10000 Series Universal Broadband Routers",
      "Cisco uBR7225VXR Universal Broadband Routers",
      "Cisco uBR7200 Series Universal Broadband Routers",
      "Cisco cBR Series Converged Broadband Routers"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/93205",
  "serverity": "\u9ad8",
  "submitTime": "2016-09-29",
  "title": "Cisco IOS and IOS XE Software\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-08386\uff09"
}

VAR-201610-0303

Vulnerability from variot - Updated: 2023-12-18 11:25

Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089. Both Cisco IOS and IOSXESoftware are operating systems developed by Cisco for its network devices. IPDetailRecord (IPDR) is one of the modules that provides detailed network information logging. A remote attacker could exploit the vulnerability by sending a specially crafted IPDR packet, causing the device to be overloaded, resulting in a denial of service. This issue is being tracked by Cisco Bug ID CSCuu35089

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201610-0303",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.2\\(33\\)sci1a"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.15.3s"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.2\\(33\\)sci1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.2\\(33\\)sci3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.2\\(33\\)cy"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "3.14.4s"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.2\\(33\\)sch2"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "16.1.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.2\\(33\\)sch5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.2\\(33\\)sci"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "12.2\\(33\\)sch4"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.15.2s"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.15.1s"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "12.2\\(33\\)sch2a"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.15.0s"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "12.2\\(33\\)sch0a"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "12.2\\(33\\)sch1"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.15.1cs"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "16.1.3"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.15.4s"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "12.2\\(33\\)sch6"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "16.1.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "12.2\\(33\\)cx"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.16.0s"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.16.0cs"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.14.2s"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "12.2\\(33\\)cy1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "12.2\\(33\\)sch3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "12.2\\(33\\)sch"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.14.3s"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.14.0s"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.14.1s"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "12.2"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "16.1"
      },
      {
        "model": "ios xe",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.14 to  3.16"
      },
      {
        "model": "ubr10000 series universal broadband routers",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ubr7225vxr universal broadband routers",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ubr7200 series universal broadband routers",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cbr series converged broadband routers",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios xe software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-08386"
      },
      {
        "db": "BID",
        "id": "93205"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005148"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6379"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-642"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci1a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)cy:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)cx:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)cy1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch2a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch0a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.15.4s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:16.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:3.14.4s:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-6379"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco.",
    "sources": [
      {
        "db": "BID",
        "id": "93205"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-642"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2016-6379",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-6379",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2016-08386",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-95199",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2016-6379",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-6379",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-08386",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201609-642",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-95199",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-08386"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95199"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005148"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6379"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-642"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089. Both Cisco IOS and IOSXESoftware are operating systems developed by Cisco for its network devices. IPDetailRecord (IPDR) is one of the modules that provides detailed network information logging. A remote attacker could exploit the vulnerability by sending a specially crafted IPDR packet, causing the device to be overloaded, resulting in a denial of service. \nThis issue is being tracked by Cisco Bug ID CSCuu35089",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-6379"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005148"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-08386"
      },
      {
        "db": "BID",
        "id": "93205"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95199"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-6379",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "93205",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1036914",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005148",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-642",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-08386",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-95199",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-08386"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95199"
      },
      {
        "db": "BID",
        "id": "93205"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005148"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6379"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-642"
      }
    ]
  },
  "id": "VAR-201610-0303",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-08386"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95199"
      }
    ],
    "trust": 1.584527514
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-08386"
      }
    ]
  },
  "last_update_date": "2023-12-18T11:25:25.626000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20160928-ipdr",
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160928-ipdr"
      },
      {
        "title": "Patch for CiscoIOSandIOSXESoftware Denial of Service Vulnerability (CNVD-2016-08386)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/82005"
      },
      {
        "title": "Cisco IOS  and IOS XE Software IP Detail Record Remediation measures for denial of service vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=64412"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-08386"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005148"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-642"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-95199"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005148"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6379"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://www.securityfocus.com/bid/93205"
      },
      {
        "trust": 2.0,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160928-ipdr"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1036914"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6379"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6379"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-08386"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95199"
      },
      {
        "db": "BID",
        "id": "93205"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005148"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6379"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-642"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-08386"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95199"
      },
      {
        "db": "BID",
        "id": "93205"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005148"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6379"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-642"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-10-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-08386"
      },
      {
        "date": "2016-10-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-95199"
      },
      {
        "date": "2016-09-28T00:00:00",
        "db": "BID",
        "id": "93205"
      },
      {
        "date": "2016-10-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-005148"
      },
      {
        "date": "2016-10-05T20:59:02.977000",
        "db": "NVD",
        "id": "CVE-2016-6379"
      },
      {
        "date": "2016-09-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201609-642"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-10-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-08386"
      },
      {
        "date": "2017-07-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-95199"
      },
      {
        "date": "2016-10-03T04:01:00",
        "db": "BID",
        "id": "93205"
      },
      {
        "date": "2016-10-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-005148"
      },
      {
        "date": "2017-07-30T01:29:10.227000",
        "db": "NVD",
        "id": "CVE-2016-6379"
      },
      {
        "date": "2016-10-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201609-642"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-642"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS and  IOS XE Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005148"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201609-642"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-6379 (GCVE-0-2016-6379)

GSD-2016-6379

GHSA-MFX3-7CX6-R432

FKIE_CVE-2016-6379

CERTFR-2016-AVI-322

Solution

CERTFR-2016-AVI-322

Solution

CNVD-2016-08386

VAR-201610-0303

Tags

Sightings

Nomenclature