FKIE_CVE-2016-1459

Vulnerability from fkie_nvd - Published: 2016-07-17 22:59 - Updated: 2025-04-12 10:46
Severity ?
5.3 (Medium) - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 allow remote authenticated users to cause a denial of service (device reload) via crafted attributes in a BGP message, aka Bug ID CSCuz21061.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160715-bgpVendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/91800
psirt@cisco.comhttp://www.securitytracker.com/id/1036321
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160715-bgpVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/91800
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036321
Impacted products
Vendor Product Version
cisco ios 12.4\(4\)xc7
cisco ios 12.4\(15\)t17
cisco ios 12.4\(19a\)
cisco ios 12.4\(22\)yb2
cisco ios 12.4\(24\)gc4
cisco ios 12.4\(24\)gc5
cisco ios 15.0\(1\)ex
cisco ios 15.0\(1\)m
cisco ios 15.0\(1\)m9
cisco ios 15.0\(1\)m10
cisco ios 15.0\(1\)s
cisco ios 15.0\(1\)sy
cisco ios 15.0\(2\)sg
cisco ios 15.1\(3\)t4
cisco ios 15.1\(4\)gc2
cisco ios 15.1\(4\)m10
cisco ios 15.2\(3\)t4
cisco ios 15.2\(4\)gc3
cisco ios 15.2\(4\)m10
cisco ios 15.3\(2\)t4
cisco ios 15.3\(3\)m
cisco ios 15.3\(3\)m7
cisco ios 15.4\(2\)t4
cisco ios 15.4\(3\)m5
cisco ios 15.5\(2\)t3
cisco ios 15.5\(3\)m3
cisco ios_xe 3.13.2s
cisco ios_xe 3.13.3s
cisco ios_xe 3.13.4s
cisco ios_xe 3.13.5s
cisco ios_xe 3.14.0s
cisco ios_xe 3.14.1s
cisco ios_xe 3.14.2s
cisco ios_xe 3.14.3s
cisco ios_xe 3.14.4s
cisco ios_xe 3.15.1cs
cisco ios_xe 3.15.2s
cisco ios_xe 3.15.3s
cisco ios_xe 3.16.0cs
cisco ios_xe 3.16.1as
cisco ios_xe 3.16.2s
cisco ios_xe 3.16.3s
cisco ios_xe 3.17.0s
cisco ios_xe 3.17.1s
cisco ios_xe 3.17.2s
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4\\(4\\)xc7:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C689450-7C7D-4A66-AD17-FC78F676F95B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4\\(15\\)t17:*:*:*:*:*:*:*",
              "matchCriteriaId": "665B295C-D387-4156-A6B4-FEF772A2F0B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4\\(19a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8D78695B-9F7C-43DC-BA66-7A25129A798C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4\\(22\\)yb2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD42A62-01A9-476A-A299-8AFAE0AC9A03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4\\(24\\)gc4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5528533C-7248-4BF3-952B-C58D0DD7CEE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4\\(24\\)gc5:*:*:*:*:*:*:*",
              "matchCriteriaId": "19106ACC-FA7B-4B97-918F-5D14F2A710C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)ex:*:*:*:*:*:*:*",
              "matchCriteriaId": "189B0C7C-D794-43EB-A6C6-F29C4B9623A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "B97701A6-F7AE-4D14-A5C1-8F7743256766",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)m9:*:*:*:*:*:*:*",
              "matchCriteriaId": "049F7107-B407-4F99-8688-738AF3AF4CBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)m10:*:*:*:*:*:*:*",
              "matchCriteriaId": "97EC3675-6213-4AA2-9C91-73A89AD7D98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)s:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9B9B664-5B90-4F3A-BD6C-33F0AAC75CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.0\\(1\\)sy:*:*:*:*:*:*:*",
              "matchCriteriaId": "3048FEB4-3269-4EE1-88B5-0AA3E681402B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.0\\(2\\)sg:*:*:*:*:*:*:*",
              "matchCriteriaId": "815EAC82-48B1-47A2-80D7-8CEE806E4B9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(3\\)t4:*:*:*:*:*:*:*",
              "matchCriteriaId": "75634752-042C-4E27-972E-E0D5DCD38BE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(4\\)gc2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B082C941-CE02-440F-8DD7-87873504B964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.1\\(4\\)m10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B990E413-C863-4613-803F-1E492982C70C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(3\\)t4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A597644C-023A-4EA0-99CC-2EBCF1FBB382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)gc3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF10596D-457A-4DA8-8037-5E92E1D39232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.2\\(4\\)m10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0322D5E9-FE05-49EF-A210-A276D69B9F16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(2\\)t4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF7DF14-DD6F-4D24-8F12-AAB145FBDB41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E0A47B7-5AD3-4B4C-A2FD-4EE0381B3FCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.3\\(3\\)m7:*:*:*:*:*:*:*",
              "matchCriteriaId": "496E2D60-AEEF-4D34-ABE4-9A9B101643D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(2\\)t4:*:*:*:*:*:*:*",
              "matchCriteriaId": "02866AED-A1B4-4D89-A11F-27089EF935BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B8FB86F-2A89-413B-BED7-97E3D392804E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(2\\)t3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BEA314F-8C89-4D6C-A6B6-3E9247A35B7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "09CD336D-1110-4B0C-B8D4-7C96293CBADE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E50FF89-8E71-4EA0-9AEC-2F800ED9D995",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F6E9386-30B4-4E86-9676-E7E005274048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E70C455-E41C-4B17-847A-5F4281139252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.5s:*:*:*:*:*:*:*",
              "matchCriteriaId": "64A07329-3A7D-4483-AE69-4786FEB23D92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD803F59-1CD2-4CA9-9EB1-3CC4ABCD9547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9247665-BBE7-4DEF-B97B-4981A0EA5CE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "E61E0102-B9B6-41F4-9041-0A5F144D849A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "579C9E7F-6AE4-4DF5-ABCF-DB390E4669E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A076E1F-3457-410A-8AB6-64416ECB20A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EEAB7F8-EAB5-4E7A-8A1B-38EC16D601FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1BFE916-916F-4936-A331-21A0E8193920",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EC9A19-26E6-4E69-B4E7-852CB6327EAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*",
              "matchCriteriaId": "5568EABF-8F43-4A87-8DE4-A03E9065BE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC72AA6D-9E18-49F7-95CA-A4A5D7A60E4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "970FD986-6D0E-441C-9BF3-C66A25763A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "1826C997-6D5D-480E-A12E-3048B6C61216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "12793F39-13C4-4DBC-9B78-FE361BDDF89D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "876767C7-0196-4226-92B1-DDE851B53655",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.17.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "0141D67B-632F-48ED-8837-4CC799616C57",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 allow remote authenticated users to cause a denial of service (device reload) via crafted attributes in a BGP message, aka Bug ID CSCuz21061."
    },
    {
      "lang": "es",
      "value": "Cisco IOS 12.4 y 15.0 hasta la versi\u00f3n 15.5 y IOS XE 3.13 hasta la versi\u00f3n 3.17 permiten a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de atributos manipulados en un mensaje BGP, tambi\u00e9n conocido como Bug ID CSCuz21061."
    }
  ],
  "id": "CVE-2016-1459",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-07-17T22:59:03.303",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160715-bgp"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/91800"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1036321"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160715-bgp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/91800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036321"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.