ID CVE-2016-1459
Summary Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 allow remote authenticated users to cause a denial of service (device reload) via crafted attributes in a BGP message, aka Bug ID CSCuz21061.
References
Vulnerable Configurations
  • Cisco IOS XE 3.17.2S
    cpe:2.3:o:cisco:ios_xe:3.17.2s
  • cpe:2.3:o:cisco:ios_xe:3.16.3s
    cpe:2.3:o:cisco:ios_xe:3.16.3s
  • Cisco IOS XE 3.16.0cS
    cpe:2.3:o:cisco:ios_xe:3.16.0cs
  • cpe:2.3:o:cisco:ios_xe:3.15.3s
    cpe:2.3:o:cisco:ios_xe:3.15.3s
  • Cisco IOS XE 3.15.1cS
    cpe:2.3:o:cisco:ios_xe:3.15.1cs
  • cpe:2.3:o:cisco:ios_xe:3.13.5s
    cpe:2.3:o:cisco:ios_xe:3.13.5s
  • cpe:2.3:o:cisco:ios_xe:3.16.2s
    cpe:2.3:o:cisco:ios_xe:3.16.2s
  • cpe:2.3:o:cisco:ios_xe:3.16.1as
    cpe:2.3:o:cisco:ios_xe:3.16.1as
  • cpe:2.3:o:cisco:ios_xe:3.13.4s
    cpe:2.3:o:cisco:ios_xe:3.13.4s
  • cpe:2.3:o:cisco:ios_xe:3.17.1s
    cpe:2.3:o:cisco:ios_xe:3.17.1s
  • cpe:2.3:o:cisco:ios_xe:3.17.0s
    cpe:2.3:o:cisco:ios_xe:3.17.0s
  • cpe:2.3:o:cisco:ios_xe:3.15.2s
    cpe:2.3:o:cisco:ios_xe:3.15.2s
  • cpe:2.3:o:cisco:ios_xe:3.13.3s
    cpe:2.3:o:cisco:ios_xe:3.13.3s
  • cpe:2.3:o:cisco:ios_xe:3.14.4s
    cpe:2.3:o:cisco:ios_xe:3.14.4s
  • cpe:2.3:o:cisco:ios_xe:3.14.3s
    cpe:2.3:o:cisco:ios_xe:3.14.3s
  • cpe:2.3:o:cisco:ios_xe:3.14.2s
    cpe:2.3:o:cisco:ios_xe:3.14.2s
  • cpe:2.3:o:cisco:ios_xe:3.14.1s
    cpe:2.3:o:cisco:ios_xe:3.14.1s
  • cpe:2.3:o:cisco:ios_xe:3.14.0s
    cpe:2.3:o:cisco:ios_xe:3.14.0s
  • cpe:2.3:o:cisco:ios_xe:3.13.2s
    cpe:2.3:o:cisco:ios_xe:3.13.2s
  • cpe:2.3:o:cisco:ios:15.5%283%29m3
    cpe:2.3:o:cisco:ios:15.5%283%29m3
  • Cisco IOS 15.4(3)M5
    cpe:2.3:o:cisco:ios:15.4%283%29m5
  • Cisco IOS 15.5(2)T3
    cpe:2.3:o:cisco:ios:15.5%282%29t3
  • Cisco IOS 15.4(2)T4
    cpe:2.3:o:cisco:ios:15.4%282%29t4
  • Cisco IOS 15.3(3)M7
    cpe:2.3:o:cisco:ios:15.3%283%29m7
  • Cisco IOS 15.2(4)GC3
    cpe:2.3:o:cisco:ios:15.2%284%29gc3
  • Cisco IOS 15.1(4)GC2
    cpe:2.3:o:cisco:ios:15.1%284%29gc2
  • Cisco IOS 15.3(2)T4
    cpe:2.3:o:cisco:ios:15.3%282%29t4
  • Cisco IOS 15.3(3)M
    cpe:2.3:o:cisco:ios:15.3%283%29m
  • cpe:2.3:o:cisco:ios:15.2%284%29m10
    cpe:2.3:o:cisco:ios:15.2%284%29m10
  • cpe:2.3:o:cisco:ios:15.2%283%29t4
    cpe:2.3:o:cisco:ios:15.2%283%29t4
  • Cisco IOS 15.1(3)T4
    cpe:2.3:o:cisco:ios:15.1%283%29t4
  • Cisco IOS 15.1(4)M10
    cpe:2.3:o:cisco:ios:15.1%284%29m10
  • cpe:2.3:o:cisco:ios:15.0%281%29sy
    cpe:2.3:o:cisco:ios:15.0%281%29sy
  • Cisco IOS 15.0(2)SG
    cpe:2.3:o:cisco:ios:15.0%282%29sg
  • Cisco IOS 15.0(1)S
    cpe:2.3:o:cisco:ios:15.0%281%29s
  • Cisco IOS 15.0(1)M9
    cpe:2.3:o:cisco:ios:15.0%281%29m9
  • Cisco IOS 15.0(1)M10
    cpe:2.3:o:cisco:ios:15.0%281%29m10
  • Cisco IOS 15.0(1)M
    cpe:2.3:o:cisco:ios:15.0%281%29m
  • cpe:2.3:o:cisco:ios:15.0%281%29ex
    cpe:2.3:o:cisco:ios:15.0%281%29ex
  • Cisco IOS 12.4(22)YB2
    cpe:2.3:o:cisco:ios:12.4%2822%29yb2
  • Cisco IOS 12.4(4)XC7
    cpe:2.3:o:cisco:ios:12.4%284%29xc7
  • cpe:2.3:o:cisco:ios:12.4%2815%29t17
    cpe:2.3:o:cisco:ios:12.4%2815%29t17
  • cpe:2.3:o:cisco:ios:12.4%2824%29gc5
    cpe:2.3:o:cisco:ios:12.4%2824%29gc5
  • cpe:2.3:o:cisco:ios:12.4%2824%29gc4
    cpe:2.3:o:cisco:ios:12.4%2824%29gc4
  • Cisco IOS 12.4(19A)
    cpe:2.3:o:cisco:ios:12.4%2819a%29
CVSS
Base: 4.9 (as of 18-07-2016 - 14:59)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family CISCO
    NASL id CISCO-SA-20160715-BGP-IOSXE.NASL
    description The Cisco IOS XE Software running on the remote device is missing a security patch. It is, therefore, affected by a denial of service vulnerability in the Border Gateway Protocol (BGP) message processing functions due to improper processing of BGP attributes. An authenticated, remote attacker can exploit this, via specially crafted BGP messages under certain unspecified conditions, to cause the affected device to reload. Note that Nessus has not tested for the presence of the workarounds referenced in the vendor advisory.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 93123
    published 2016-08-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93123
    title Cisco IOS XE Software Border Gateway Protocol Message Processing DoS (cisco-sa-20160715-bgp)
  • NASL family CISCO
    NASL id CISCO-SA-20160715-BGP-IOS.NASL
    description The Cisco IOS Software running on the remote device is missing a security patch. It is, therefore, affected by a denial of service vulnerability in the Border Gateway Protocol (BGP) message processing functions due to improper processing of BGP attributes. An authenticated, remote attacker can exploit this, via specially crafted BGP messages under certain unspecified conditions, to cause the affected device to reload. Note that Nessus has not tested for the presence of the workarounds referenced in the vendor advisory.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 93122
    published 2016-08-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93122
    title Cisco IOS Software Border Gateway Protocol Message Processing DoS (cisco-sa-20160715-bgp)
refmap via4
bid 91800
cisco 20160715 Cisco IOS and IOS XE Software Border Gateway Protocol Message Processing Denial of Service Vulnerability
sectrack 1036321
Last major update 28-11-2016 - 14:59
Published 17-07-2016 - 18:59
Last modified 31-08-2017 - 21:29
Back to Top