Published: 05/10/2016 Updated: 30/07/2017

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Cisco IOS 12.2 and IOS XE 3.14 up to and including 3.16 and 16.1 allow remote malicious users to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios xe 3.14.1s
cisco ios xe 16.1.3
cisco ios xe 3.15.1s
cisco ios xe 3.16.0s
cisco ios 12.2\\(33\\)sch4
cisco ios 12.2\\(33\\)sci1a
cisco ios 12.2\\(33\\)cy
cisco ios 12.2\\(33\\)sci1
cisco ios xe 3.15.1cs
cisco ios xe 3.16.0cs
cisco ios 12.2\\(33\\)cx
cisco ios 12.2\\(33\\)cy1
cisco ios xe 16.1.1
cisco ios 12.2\\(33\\)sch2
cisco ios xe 3.14.0s
cisco ios 12.2\\(33\\)sch1
cisco ios xe 3.15.0s
cisco ios 12.2\\(33\\)sch
cisco ios xe 3.14.2s
cisco ios xe 3.15.2s
cisco ios 12.2\\(33\\)sch2a
cisco ios xe 3.15.3s
cisco ios 12.2\\(33\\)sci
cisco ios 12.2\\(33\\)sch3
cisco ios 12.2\\(33\\)sch0a
cisco ios xe 3.15.4s
cisco ios xe 16.1.2
cisco ios 12.2\\(33\\)sch6
cisco ios xe 3.14.3s
cisco ios 12.2\\(33\\)sci3
cisco ios 12.2\\(33\\)sch5
cisco ios xe 3.14.4s

A vulnerability in the IP Detail Record (IPDR) code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload The vulnerability is due to improper handling of IPDR packets An attacker could exploit this vulnerability by sending crafted IPDR packets to an affected system A successful e ...

CWE-20 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr http://www.securityfocus.com/bid/93205 http://www.securitytracker.com/id/1036914 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ipdr

CVE-2016-6379

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect