FKIE_CVE-2016-1361

Vulnerability from fkie_nvd - Published: 2016-03-12 02:59 - Updated: 2025-04-12 10:46
Severity ?
5.3 (Medium) - CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsrVendor Advisory
psirt@cisco.comhttp://www.securitytracker.com/id/1035314
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsrVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1035314
Impacted products
Vendor Product Version
cisco ios_xr 3.3.3
cisco ios_xr 3.4.1
cisco ios_xr 3.4.2
cisco ios_xr 3.4.3
cisco ios_xr 3.5.2
cisco ios_xr 3.5.3
cisco ios_xr 3.5.4
cisco ios_xr 3.6.0
cisco ios_xr 3.6.1
cisco ios_xr 3.6.2
cisco ios_xr 3.6.3
cisco ios_xr 3.7.0
cisco ios_xr 3.7.1
cisco ios_xr 3.8.0
cisco ios_xr 3.8.1
cisco ios_xr 3.8.2
cisco ios_xr 3.8.4
cisco ios_xr 3.9.0
cisco ios_xr 3.9.1
cisco ios_xr 3.9.2
cisco ios_xr 4.0.0
cisco ios_xr 4.0.1
cisco ios_xr 4.0.3
cisco ios_xr 4.1.0
cisco ios_xr 4.1.1
cisco ios_xr 4.1.2
cisco ios_xr 4.2.0
cisco ios_xr 4.2.1
cisco ios_xr 4.2.2
cisco ios_xr 4.2.3
cisco ios_xr 4.2.4
cisco ios_xr 4.3.0
cisco ios_xr 4.3.1
cisco ios_xr 4.3.2
cisco xr_12404 *
cisco xr_12406 *
cisco xr_12410 *
cisco xr_12416 *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1811B6-737F-407C-8AB0-63E6B031D5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "81797938-F953-42BE-B287-AA48B9860AF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92AED038-C73F-4499-B064-F01D80DB0C64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB7A249B-AF69-47D0-B6DE-968B4CD0BA42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5F15240-6323-4766-801A-D887F3EA8A6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99DC1CF-78DC-4E59-98BA-DD84702D6467",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B9FA754-E3D2-4D80-8F4B-41139973D9FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F497A05C-2FC5-427D-8036-2476ACA956C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2252E7B0-9112-4E9E-8CF4-4EC53C630CFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1131A524-AA7A-4C94-9FFE-54546EA7D2CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "46D1A634-D39C-4305-8915-4AA289FB68EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "21BAB799-3150-46D8-AEA3-9FCC73203221",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "99042285-94AC-4C57-8EAA-EE63C678A94A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96F48419-AF66-4B50-ACBF-9E38287A64FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB71A24-AA6C-4BAD-BD37-5C191751C9DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A20B6A9-27B7-4F42-B88D-F4AACC9BC24D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B9A223A-7A0A-4E31-B8A1-C809373A799D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ECAB9C3-9248-4663-ABAE-31FFC969EF3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "10596213-9D2B-48A3-A733-744D41E90419",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:3.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A07DCCD1-85D5-4ED2-B845-8C6EAC7E9D9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F57421B-F54C-4C50-8B25-AF787E541C5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A865225-6AEA-430D-8DB6-E70F7ED5E547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "39F8B336-0DFA-41CE-9EFF-89A09BBDC6D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BFD77AF-358B-4385-BA8E-1BE9AC166825",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E593EF3-133A-4E15-9B86-6B451F5C0159",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BB49EB2-2D99-4C45-80B7-48299A1EBF30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB6ABB63-E2D2-42F7-B648-BF6002D1C05E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "58FEC4F2-040A-4D23-8FE0-BC55020766BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "82520CBD-F42F-4E2D-9D36-878737779690",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DB87708-B088-47F7-BABA-2CD456766897",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFC1194B-56AC-4850-88B0-5EDFF92FABFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "074571B4-65EF-451A-89DC-0797F6E4BFEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D909532E-85F5-4201-8BFF-561A21998D97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D962D3-563F-4CDE-B51D-224D7995FBC9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:xr_12404:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54D5CEDE-699C-496E-95CF-BEF9BCF55981",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xr_12406:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C32030A-3F87-4F01-AA86-493C8F93F777",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xr_12410:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5CEC5B1-0595-4163-A458-D4FF29F4E117",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xr_12416:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAD5FA50-0753-43EA-8D07-8F5D719E394D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900."
    },
    {
      "lang": "es",
      "value": "Cisco IOS XR hasta la versi\u00f3n 4.3.2 en dispositivos Gigabit Switch Router (GSR) 12000 no verifica adecuadamente para una cabecera Bidirectional Forwarding Detection (BFD) en un paquete UDP, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de tarjeta en l\u00ednea) a trav\u00e9s de un paquete manipulado, tambi\u00e9n conocida como Bug ID CSCuw56900."
    }
  ],
  "id": "CVE-2016-1361",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.2,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-03-12T02:59:04.910",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1035314"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035314"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.