FKIE_CVE-2016-6379

Vulnerability from fkie_nvd - Published: 2016-10-05 20:59 - Updated: 2025-04-12 10:46
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdrVendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/93205
psirt@cisco.comhttp://www.securitytracker.com/id/1036914
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdrVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/93205
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036914
Impacted products
Vendor Product Version
cisco ios 12.2\(33\)cx
cisco ios 12.2\(33\)cy
cisco ios 12.2\(33\)cy1
cisco ios 12.2\(33\)sch
cisco ios 12.2\(33\)sch0a
cisco ios 12.2\(33\)sch1
cisco ios 12.2\(33\)sch2
cisco ios 12.2\(33\)sch2a
cisco ios 12.2\(33\)sch3
cisco ios 12.2\(33\)sch4
cisco ios 12.2\(33\)sch5
cisco ios 12.2\(33\)sch6
cisco ios 12.2\(33\)sci
cisco ios 12.2\(33\)sci1
cisco ios 12.2\(33\)sci1a
cisco ios 12.2\(33\)sci3
cisco ios_xe 3.14.0s
cisco ios_xe 3.14.1s
cisco ios_xe 3.14.2s
cisco ios_xe 3.14.3s
cisco ios_xe 3.14.4s
cisco ios_xe 3.15.0s
cisco ios_xe 3.15.1cs
cisco ios_xe 3.15.1s
cisco ios_xe 3.15.2s
cisco ios_xe 3.15.3s
cisco ios_xe 3.15.4s
cisco ios_xe 3.16.0cs
cisco ios_xe 3.16.0s
cisco ios_xe 16.1.1
cisco ios_xe 16.1.2
cisco ios_xe 16.1.3
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)cx:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A4767D1-901D-407E-93A1-16FB664625DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)cy:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD0C5579-1AA6-4349-9AD3-76FD5A0B718B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)cy1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF2190B-7C8D-488A-8F6C-4A42D09663F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B0B3338-E4D5-4095-8974-71E53C331994",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EFF438B-7F65-44A8-BF90-A097A4A44F6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0597C3A-B04E-4E9F-97C7-EC0E42D78DC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF83DC52-FDEE-4E97-BB36-31EF62288FE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AB1EE42-D488-4394-95A3-03028CFFA221",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F47A48B7-7BA9-42BA-828B-94715C72CAAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch4:*:*:*:*:*:*:*",
              "matchCriteriaId": "437487D2-21F6-4040-B089-801289F1726F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6820C62D-C013-4792-91B5-6CFBC199C4B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sch6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB86B21C-E12A-4ED7-93EC-6EAC3F3B85F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci:*:*:*:*:*:*:*",
              "matchCriteriaId": "6429A720-E5FA-4D55-B7A5-ABECF7315F64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F711597B-2972-4E92-93EC-14B680B3E48D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA6A802D-F4D3-4D97-8937-D47C2723A64F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(33\\)sci3:*:*:*:*:*:*:*",
              "matchCriteriaId": "193415A6-6E8B-49AD-84A8-8F944360A617",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD803F59-1CD2-4CA9-9EB1-3CC4ABCD9547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9247665-BBE7-4DEF-B97B-4981A0EA5CE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "E61E0102-B9B6-41F4-9041-0A5F144D849A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "579C9E7F-6AE4-4DF5-ABCF-DB390E4669E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A076E1F-3457-410A-8AB6-64416ECB20A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD93CD1-4188-40B7-A20E-9C3FE8344A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EEAB7F8-EAB5-4E7A-8A1B-38EC16D601FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "2972E680-5A19-4858-9B35-0B959ED319A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1BFE916-916F-4936-A331-21A0E8193920",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EC9A19-26E6-4E69-B4E7-852CB6327EAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C5484A4-D116-4B79-8369-47979E20AACA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*",
              "matchCriteriaId": "5568EABF-8F43-4A87-8DE4-A03E9065BE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0E5BB91-B5E7-4961-87DC-26596E5EDED7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ED5527C-A638-4E20-9928-099E32E17743",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A685A9A-235D-4D74-9D6C-AC49E75709CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "43052998-0A27-4E83-A884-A94701A3F4CE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089."
    },
    {
      "lang": "es",
      "value": "Cisco IOS 12.2 e IOS XE 3.14 hasta la versi\u00f3n 3.16 y 16.1 permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) a trav\u00e9s de paquetes IP Detail Record (IPDR) manipulados, vulnerabilidad tambi\u00e9n conocida como Bug ID CSCuu35089."
    }
  ],
  "id": "CVE-2016-6379",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-10-05T20:59:02.977",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/93205"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1036914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/93205"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036914"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.