CVE-2016-1361 (GCVE-0-2016-1361)

Vulnerability from cvelistv5 – Published: 2016-03-12 02:00 – Updated: 2024-08-05 22:55
VLAI?
Summary
Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securitytracker.com/id/1035314 vdb-entryx_refsource_SECTRACK
http://tools.cisco.com/security/center/content/Ci… vendor-advisoryx_refsource_CISCO
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:55:14.080Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1035314",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035314"
          },
          {
            "name": "20160311 Cisco Gigabit Switch Router 12000 Series Routers Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-01T15:57:02",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1035314",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035314"
        },
        {
          "name": "20160311 Cisco Gigabit Switch Router 12000 Series Routers Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-1361",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1035314",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035314"
            },
            {
              "name": "20160311 Cisco Gigabit Switch Router 12000 Series Routers Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2016-1361",
    "datePublished": "2016-03-12T02:00:00",
    "dateReserved": "2016-01-04T00:00:00",
    "dateUpdated": "2024-08-05T22:55:14.080Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-1361\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2016-03-12T02:59:04.910\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900.\"},{\"lang\":\"es\",\"value\":\"Cisco IOS XR hasta la versi\u00f3n 4.3.2 en dispositivos Gigabit Switch Router (GSR) 12000 no verifica adecuadamente para una cabecera Bidirectional Forwarding Detection (BFD) en un paquete UDP, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de tarjeta en l\u00ednea) a trav\u00e9s de un paquete manipulado, tambi\u00e9n conocida como Bug ID CSCuw56900.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:H/Au:N/C:N/I:N/A:C\",\"baseScore\":4.6,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.2,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E1811B6-737F-407C-8AB0-63E6B031D5AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81797938-F953-42BE-B287-AA48B9860AF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92AED038-C73F-4499-B064-F01D80DB0C64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB7A249B-AF69-47D0-B6DE-968B4CD0BA42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5F15240-6323-4766-801A-D887F3EA8A6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D99DC1CF-78DC-4E59-98BA-DD84702D6467\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B9FA754-E3D2-4D80-8F4B-41139973D9FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F497A05C-2FC5-427D-8036-2476ACA956C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2252E7B0-9112-4E9E-8CF4-4EC53C630CFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1131A524-AA7A-4C94-9FFE-54546EA7D2CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D1A634-D39C-4305-8915-4AA289FB68EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21BAB799-3150-46D8-AEA3-9FCC73203221\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99042285-94AC-4C57-8EAA-EE63C678A94A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96F48419-AF66-4B50-ACBF-9E38287A64FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBB71A24-AA6C-4BAD-BD37-5C191751C9DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A20B6A9-27B7-4F42-B88D-F4AACC9BC24D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B9A223A-7A0A-4E31-B8A1-C809373A799D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1ECAB9C3-9248-4663-ABAE-31FFC969EF3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10596213-9D2B-48A3-A733-744D41E90419\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:3.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A07DCCD1-85D5-4ED2-B845-8C6EAC7E9D9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F57421B-F54C-4C50-8B25-AF787E541C5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A865225-6AEA-430D-8DB6-E70F7ED5E547\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39F8B336-0DFA-41CE-9EFF-89A09BBDC6D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BFD77AF-358B-4385-BA8E-1BE9AC166825\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E593EF3-133A-4E15-9B86-6B451F5C0159\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BB49EB2-2D99-4C45-80B7-48299A1EBF30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB6ABB63-E2D2-42F7-B648-BF6002D1C05E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58FEC4F2-040A-4D23-8FE0-BC55020766BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82520CBD-F42F-4E2D-9D36-878737779690\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DB87708-B088-47F7-BABA-2CD456766897\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFC1194B-56AC-4850-88B0-5EDFF92FABFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"074571B4-65EF-451A-89DC-0797F6E4BFEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D909532E-85F5-4201-8BFF-561A21998D97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:4.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73D962D3-563F-4CDE-B51D-224D7995FBC9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:xr_12404:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54D5CEDE-699C-496E-95CF-BEF9BCF55981\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:xr_12406:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C32030A-3F87-4F01-AA86-493C8F93F777\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:xr_12410:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5CEC5B1-0595-4163-A458-D4FF29F4E117\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:xr_12416:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAD5FA50-0753-43EA-8D07-8F5D719E394D\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1035314\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1035314\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.