CVE-2016-6385

Published: 05/10/2016 Updated: 30/07/2017
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 up to and including 15.2 and IOS XE 3.2 up to and including 3.8 allows remote malicious users to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367.

Vulnerable Product

cisco ios 12.2(54)se

cisco ios 12.2(44)ey

cisco ios 15.0(1)se1

cisco ios 12.2(55)se

cisco ios xe 3.3.4se

cisco ios 12.2(52)ex

cisco ios 12.2(53)se

cisco ios 15.0(2)eb

cisco ios xe 3.6.0e

cisco ios 15.2(3)e2

cisco ios 12.2(53)ex

cisco ios xe 3.5.0e

cisco ios 15.1(2)sg7

cisco ios 12.2(55)ez

cisco ios 15.2(1)e2

cisco ios 12.2(50)se5

cisco ios 12.2(46)ey

cisco ios 12.2(58)se

cisco ios xe 3.5.2e

cisco ios 15.2(1)e3

cisco ios 15.0(2)ed

cisco ios 15.0(2a)se9

cisco ios xe 3.8.2e

cisco ios 15.2(2)e

cisco ios 15.0(2)ek

cisco ios xe 3.3.3se

cisco ios xe 3.6.2e

cisco ios 12.2(55)se4

cisco ios 15.2(2)e1

cisco ios xe 3.2.0se

cisco ios xe 3.2.3se

cisco ios 15.2(2)e2

cisco ios xe 3.7.3e

cisco ios 15.2(3m)e2

cisco ios 12.2(50)se1

cisco ios 15.1(2)sg1

cisco ios 12.2(44)se1

cisco ios 12.2(44)ex1

cisco ios xe 3.7.5e

cisco ios 12.2(44)se3

cisco ios 12.2(50)se2

cisco ios 12.2(60)ez2

cisco ios 12.2(52)ex1

cisco ios 12.2(44)se4

cisco ios xe 3.3.1xo

cisco ios 12.2(60)ez3

cisco ios 15.0(1)ey

cisco ios xe 3.8.0e

cisco ios 12.2(35)se2

cisco ios 15.1(2)sg5

cisco ios 12.2(40)se1

cisco ios 15.0(2)ej

cisco ios 12.2(50)se4

cisco ios 12.2(55)ex3

cisco ios 12.2(35)ex2

cisco ios xe 3.6.4e

cisco ios 12.2(58)se2

cisco ios 12.2(35)ex

cisco ios 15.2(1)e

cisco ios 15.1(2)sg3

cisco ios xe 3.3.1se

cisco ios 15.2(2)eb1

cisco ios 12.2(60)ez8

cisco ios 12.2(53)ez

cisco ios 12.2(53)se1

cisco ios 12.2(55)se5

cisco ios 15.0(2)ey

cisco ios xe 3.6.1e

cisco ios 15.0(2)ex10

cisco ios 15.0(2)se2

cisco ios 12.2(55)ey

cisco ios 12.2(55)se8

cisco ios 15.0(2)ex2

cisco ios 15.2(1)ey

cisco ios 12.2(44)se

cisco ios 15.2(3)e3

cisco ios 12.2(60)ez5

cisco ios 15.0(2)ec

cisco ios xe 3.7.1e

cisco ios xe 3.2.1se

cisco ios 15.0(2)ej1

cisco ios 12.2(58)ey1

cisco ios xe 3.6.3e

cisco ios xe 3.3.2se

cisco ios 12.2(37)ey

cisco ios 12.2(60)ez

cisco ios 12.2(46)se

cisco ios 12.2(44)ex

cisco ios xe 3.3.0se

cisco ios 15.2(3)e1

cisco ios 12.2(35)ex1

cisco ios 15.0(1)ey2

cisco ios 12.2(60)ez4

cisco ios 15.0(2)ex

cisco ios 15.1(2)sg2

cisco ios 15.0(2)se5

cisco ios 15.0(2)ex5

cisco ios 12.2(40)ex1

cisco ios 12.2(55)ex2

cisco ios 12.2(46)se1

cisco ios 15.0(2)se4

cisco ios 15.2(3m)e3

cisco ios xe 3.2.2se

cisco ios 12.2(37)ex

cisco ios 12.2(50)se

cisco ios 15.0(1)ey1

cisco ios 15.0(2)ez

cisco ios 12.2(46)se2

cisco ios 12.2(35)se3

cisco ios 15.2(2a)e1

cisco ios xe 3.7.2e

cisco ios 12.2(37)se1

cisco ios 15.2(3)e

cisco ios xe 3.3.5se

cisco ios 15.2(1)e1

cisco ios 12.2(55)se10

cisco ios 12.2(44)se6

cisco ios 15.0(2)ex1

cisco ios 15.2(2)eb

cisco ios 12.2(58)ey

cisco ios 12.2(58)ey2

cisco ios xe 3.3.2xo

cisco ios 12.2(60)ez6

cisco ios 12.2(46)ex

cisco ios 15.2(2)eb2

cisco ios 15.0(2)se3

cisco ios 15.0(1)ex

cisco ios 15.0(2)ex8

cisco ios 12.2(53)ey

cisco ios 12.2(35)se

cisco ios 12.2(44)se5

cisco ios 15.0(1)se2

cisco ios 15.0(2)se

cisco ios 12.2(40)se2

cisco ios 12.2(55)se3

cisco ios 12.2(52)se1

cisco ios 15.1(2)sg

cisco ios 15.0(2)ey2

cisco ios 12.2(35)se4

cisco ios 15.0(2)ek1

cisco ios 15.0(2)se6

cisco ios 12.2(40)se

cisco ios 12.2(55)ex

cisco ios 15.0(2)ey1

cisco ios 12.2(55)se2

cisco ios 15.2(2)e4

cisco ios 12.2(40)ex2

cisco ios 15.0(2)eh

cisco ios 12.2(37)se

cisco ios xe 3.8.1e

cisco ios 12.2(44)se2

cisco ios 12.2(58)se1

cisco ios 12.2(55)ex1

cisco ios xe 3.2.0ja

cisco ios 15.0(2)se7

cisco ios 15.0(1)se

cisco ios 15.0(2)ey3

cisco ios 12.2(58)ex

cisco ios 15.0(2)se1

cisco ios 12.2(55)se7

cisco ios 15.0(2a)ex5

cisco ios 15.2(3a)e

cisco ios 12.2(55)se6

cisco ios 15.1(2)sg6

cisco ios 15.0(2)se9

cisco ios 12.2(58)ez

cisco ios 15.2(4)e1

cisco ios 12.2(50)se3

cisco ios 15.0(2)ex3

cisco ios 12.2(60)ez7

cisco ios 12.2(55)se9

cisco ios 15.0(2)ed1

cisco ios 15.2(4m)e1

cisco ios 12.2(35)se1

cisco ios 15.1(2)sg4

cisco ios 12.2(35)se5

cisco ios 15.0(1)se3

cisco ios 12.2(60)ez1

cisco ios 12.2(52)se

cisco ios xe 3.6.2ae

cisco ios xe 3.3.0xo

cisco ios xe 3.5.3e

cisco ios 12.2(40)ex3

cisco ios xe 3.7.0e

cisco ios 15.2(4)e

cisco ios 12.2(53)se2

cisco ios 12.2(55)se1

cisco ios 15.0(2)ex4

cisco ios xe 3.5.1e

cisco ios 12.2(40)ex

Vendor Advisories

The Smart Install client feature in Cisco IOS and IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a memory leak and eventual denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect handling of image list parameters. An attacker could exploit this vulnerab ...

In recent weeks, Cisco has published several documents related to the Smart Install feature: one Talos blog about potential misuse of the feature if left enabled, and two Cisco Security Advisories that were included in the March 2018 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Given the heightened awareness, ...