Vulnerabilites related to zzinc - keymouse
var-201602-0045
Vulnerability from variot
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998. Vendors report this vulnerability Bug ID CSCut12998 Published as. Supplementary information : CWE Vulnerability types by CWE-284: Improper Access Control ( Improper access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlCrafted by a remotely authenticated user REST Via a request, RBAC Restrictions may be bypassed. Cisco ApplicationPolicyInfrastructureControllers and CiscoNexus9000SeriesACIModeSwitches are products of Cisco. The former is a controller that automates the management of application-centric infrastructure (ACI). The latter is a 9000 series switch for Application-Centric Infrastructure (ACI). Security vulnerabilities exist in CiscoAPIC and Nexus9000ACIModeSwitches, which can be exploited by remote attackers to bypass established RBAC restrictions by sending specially crafted REST requests. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0045",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nx-os",
"scope": "eq",
"trust": 1.8,
"vendor": "cisco",
"version": "base"
},
{
"model": "keymouse",
"scope": "eq",
"trust": 1.0,
"vendor": "zzinc",
"version": "3.08"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_124"
},
{
"model": "gs1900-10hp",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "2.50\\(aazi.0\\)c0"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0(1d)"
},
{
"model": "nexus 9000 series",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "aci mode switch 11.1(1j)"
},
{
"model": "nexus 9000 series",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0(2m)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0(3f)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0(1b)"
},
{
"model": "application policy infrastructure controller software",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0(1c)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0(2j)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0(1e)"
},
{
"model": "application policy infrastructure controller software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "1.1(1j)"
},
{
"model": "application policy infrastructure controller \u003c1.0",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "application policy infrastructure controller 1.1 )",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "nexus aci mode switches with software \u003c11.0",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9000"
},
{
"model": "nexus aci mode switches with software 11.1 )",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9000"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0\\\\\\(2j\\\\\\)"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0\\\\\\(1n\\\\\\)"
},
{
"model": "nexus 9516",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0\\\\\\(1e\\\\\\)"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0\\\\\\(1k\\\\\\)"
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0\\\\\\(1h\\\\\\)"
},
{
"model": "nexus 9504",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0\\\\\\(2m\\\\\\)"
},
{
"model": "nexus 9508",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "application policy infrastructure controller",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.0\\\\\\(3f\\\\\\)"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01453"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001606"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-142"
},
{
"db": "NVD",
"id": "CVE-2016-1302"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:application_policy_infrastructure_controller_%28apic%29",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:nexus_9000",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:nx-os",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001606"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "82549"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1302",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2016-1302",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.8,
"id": "CNVD-2016-01453",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-90121",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2016-1302",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1302",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-1302",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-01453",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-142",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-90121",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01453"
},
{
"db": "VULHUB",
"id": "VHN-90121"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001606"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-142"
},
{
"db": "NVD",
"id": "CVE-2016-1302"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998. Vendors report this vulnerability Bug ID CSCut12998 Published as. Supplementary information : CWE Vulnerability types by CWE-284: Improper Access Control ( Improper access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlCrafted by a remotely authenticated user REST Via a request, RBAC Restrictions may be bypassed. Cisco ApplicationPolicyInfrastructureControllers and CiscoNexus9000SeriesACIModeSwitches are products of Cisco. The former is a controller that automates the management of application-centric infrastructure (ACI). The latter is a 9000 series switch for Application-Centric Infrastructure (ACI). Security vulnerabilities exist in CiscoAPIC and Nexus9000ACIModeSwitches, which can be exploited by remote attackers to bypass established RBAC restrictions by sending specially crafted REST requests. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1302"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001606"
},
{
"db": "CNVD",
"id": "CNVD-2016-01453"
},
{
"db": "BID",
"id": "82549"
},
{
"db": "VULHUB",
"id": "VHN-90121"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1302",
"trust": 3.4
},
{
"db": "SECTRACK",
"id": "1034925",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001606",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-142",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-01453",
"trust": 0.6
},
{
"db": "BID",
"id": "82549",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-90121",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01453"
},
{
"db": "VULHUB",
"id": "VHN-90121"
},
{
"db": "BID",
"id": "82549"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001606"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-142"
},
{
"db": "NVD",
"id": "CVE-2016-1302"
}
]
},
"id": "VAR-201602-0045",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01453"
},
{
"db": "VULHUB",
"id": "VHN-90121"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01453"
}
]
},
"last_update_date": "2024-11-23T22:52:41.792000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160203-apic",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic"
},
{
"title": "CiscoApplicationPolicyInfrastructureController and Nexus9000ACIModeSwitches security bypass vulnerability patches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/72203"
},
{
"title": "Cisco Application Policy Infrastructure Controller and Nexus 9000 ACI Mode Switches Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60090"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01453"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001606"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-142"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90121"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001606"
},
{
"db": "NVD",
"id": "CVE-2016-1302"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160203-apic"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1302"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034925"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1302"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01453"
},
{
"db": "VULHUB",
"id": "VHN-90121"
},
{
"db": "BID",
"id": "82549"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001606"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-142"
},
{
"db": "NVD",
"id": "CVE-2016-1302"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-01453"
},
{
"db": "VULHUB",
"id": "VHN-90121"
},
{
"db": "BID",
"id": "82549"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001606"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-142"
},
{
"db": "NVD",
"id": "CVE-2016-1302"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01453"
},
{
"date": "2016-02-07T00:00:00",
"db": "VULHUB",
"id": "VHN-90121"
},
{
"date": "2016-02-03T00:00:00",
"db": "BID",
"id": "82549"
},
{
"date": "2016-03-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001606"
},
{
"date": "2016-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-142"
},
{
"date": "2016-02-07T11:59:01.943000",
"db": "NVD",
"id": "CVE-2016-1302"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01453"
},
{
"date": "2016-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-90121"
},
{
"date": "2016-07-05T21:22:00",
"db": "BID",
"id": "82549"
},
{
"date": "2016-03-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001606"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-142"
},
{
"date": "2024-11-21T02:46:08.933000",
"db": "NVD",
"id": "CVE-2016-1302"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-142"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Application Policy Infrastructure Controller Device software and Nexus 9000 ACI Mode In switch software RBAC Vulnerabilities bypassing restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001606"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-142"
}
],
"trust": 0.6
}
}
var-201604-0007
Vulnerability from variot
Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted HTTP requests that are not followed by an unspecified negotiation, aka Bug ID CSCuv47565. Run on multiple devices Cisco TelePresence Server There is a service disruption ( Memory consumption or device reload ) There are vulnerabilities that are put into a state. Cisco TelePresence Server is prone to a denial-of-service vulnerability. An attacker can exploit this issue to consume excessive amounts of memory resources, resulting in a denial-of-service condition. This issue is being tracked by Cisco bug ID CSCuv47565. MSE is a platform (Mobile Service Engine) that can provide Wi-Fi services. The platform collects, stores and manages data from wireless clients, Cisco access points and controllers. A security vulnerability exists in Cisco TelePresence Server due to the improper handling of specially crafted URLs by the HTTP parsing engine
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0007",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_124"
},
{
"model": "gs1900-10hp",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "2.50\\(aazi.0\\)c0"
},
{
"model": "keymouse",
"scope": "eq",
"trust": 1.0,
"vendor": "zzinc",
"version": "3.08"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.1(2.29) to 4.2(4.17)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.1\\\\\\(2.33\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.1\\\\\\(2.29\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.2\\\\\\(4.17\\\\\\)"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007018"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-039"
},
{
"db": "NVD",
"id": "CVE-2015-6313"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:telepresence_server_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007018"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "85881"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6313",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6313",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-84274",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2015-6313",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6313",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-6313",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-039",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-84274",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84274"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007018"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-039"
},
{
"db": "NVD",
"id": "CVE-2015-6313"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted HTTP requests that are not followed by an unspecified negotiation, aka Bug ID CSCuv47565. Run on multiple devices Cisco TelePresence Server There is a service disruption ( Memory consumption or device reload ) There are vulnerabilities that are put into a state. Cisco TelePresence Server is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to consume excessive amounts of memory resources, resulting in a denial-of-service condition. \nThis issue is being tracked by Cisco bug ID CSCuv47565. MSE is a platform (Mobile Service Engine) that can provide Wi-Fi services. The platform collects, stores and manages data from wireless clients, Cisco access points and controllers. A security vulnerability exists in Cisco TelePresence Server due to the improper handling of specially crafted URLs by the HTTP parsing engine",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6313"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007018"
},
{
"db": "BID",
"id": "85881"
},
{
"db": "VULHUB",
"id": "VHN-84274"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6313",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1035501",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007018",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-039",
"trust": 0.7
},
{
"db": "BID",
"id": "85881",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-84274",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84274"
},
{
"db": "BID",
"id": "85881"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007018"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-039"
},
{
"db": "NVD",
"id": "CVE-2015-6313"
}
]
},
"id": "VAR-201604-0007",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84274"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:43:13.606000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160406-cts1",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts1"
},
{
"title": "Cisco TelePresence Server Remediation measures for denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60774"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007018"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-039"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84274"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007018"
},
{
"db": "NVD",
"id": "CVE-2015-6313"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160406-cts1"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035501"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6313"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6313"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84274"
},
{
"db": "BID",
"id": "85881"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007018"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-039"
},
{
"db": "NVD",
"id": "CVE-2015-6313"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-84274"
},
{
"db": "BID",
"id": "85881"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007018"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-039"
},
{
"db": "NVD",
"id": "CVE-2015-6313"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-06T00:00:00",
"db": "VULHUB",
"id": "VHN-84274"
},
{
"date": "2016-04-06T00:00:00",
"db": "BID",
"id": "85881"
},
{
"date": "2016-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007018"
},
{
"date": "2016-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-039"
},
{
"date": "2016-04-06T23:59:01.283000",
"db": "NVD",
"id": "CVE-2015-6313"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-84274"
},
{
"date": "2016-04-06T00:00:00",
"db": "BID",
"id": "85881"
},
{
"date": "2016-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007018"
},
{
"date": "2016-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-039"
},
{
"date": "2024-11-21T02:34:45.620000",
"db": "NVD",
"id": "CVE-2015-6313"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-039"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Run on multiple devices Cisco TelePresence Server Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007018"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-039"
}
],
"trust": 0.6
}
}
var-201603-0033
Vulnerability from variot
Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800. Cisco Nexus is Cisco's line of network switches designed for data centers. This vulnerability is caused by a user account created during installation that cannot be deleted or changed. The password is also static by default. Allows an unauthenticated remote attacker to log in to the device as root and has bashshell access. NX-OS Software is a data center operating system running on it
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "nx-os on nexus series switches 6.0 u6",
"scope": "eq",
"trust": 3.0,
"vendor": "cisco",
"version": "3000"
},
{
"_id": null,
"model": "nx-os on nexus platform switches 6.0 a6",
"scope": "eq",
"trust": 3.0,
"vendor": "cisco",
"version": "3500"
},
{
"_id": null,
"model": "keymouse",
"scope": "eq",
"trust": 1.0,
"vendor": "zzinc",
"version": "3.08"
},
{
"_id": null,
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"_id": null,
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_124"
},
{
"_id": null,
"model": "gs1900-10hp",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "2.50\\(aazi.0\\)c0"
},
{
"_id": null,
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.0(2)a6(1) to 6.0(2)a6(5) (nexus 3500)"
},
{
"_id": null,
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.0(2)a7(1) (nexus 3500)"
},
{
"_id": null,
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.0(2)u6(1) to 6.0(2)u6(5) (nexus 3000)"
},
{
"_id": null,
"model": "nx-os on nexus platform switches 6.0 a7",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3500"
},
{
"_id": null,
"model": "nexus 3064",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "nexus 3048",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "nexus 3064t",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "nexus 3548",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "nexus 3524",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "nexus 3064x",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01458"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001817"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-011"
},
{
"db": "NVD",
"id": "CVE-2016-1329"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:nx-os",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001817"
}
]
},
"cve": "CVE-2016-1329",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-1329",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-01458",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-90148",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-1329",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1329",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-1329",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-01458",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-011",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-90148",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-1329",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01458"
},
{
"db": "VULHUB",
"id": "VHN-90148"
},
{
"db": "VULMON",
"id": "CVE-2016-1329"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001817"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-011"
},
{
"db": "NVD",
"id": "CVE-2016-1329"
}
]
},
"description": {
"_id": null,
"data": "Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800. Cisco Nexus is Cisco\u0027s line of network switches designed for data centers. This vulnerability is caused by a user account created during installation that cannot be deleted or changed. The password is also static by default. Allows an unauthenticated remote attacker to log in to the device as root and has bashshell access. NX-OS Software is a data center operating system running on it",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1329"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001817"
},
{
"db": "CNVD",
"id": "CNVD-2016-01458"
},
{
"db": "VULHUB",
"id": "VHN-90148"
},
{
"db": "VULMON",
"id": "CVE-2016-1329"
}
],
"trust": 2.34
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2016-1329",
"trust": 3.2
},
{
"db": "SECTRACK",
"id": "1035161",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001817",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-011",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-01458",
"trust": 0.6
},
{
"db": "BID",
"id": "83945",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-90923",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-90148",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-1329",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01458"
},
{
"db": "VULHUB",
"id": "VHN-90148"
},
{
"db": "VULMON",
"id": "CVE-2016-1329"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001817"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-011"
},
{
"db": "NVD",
"id": "CVE-2016-1329"
}
]
},
"id": "VAR-201603-0033",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01458"
},
{
"db": "VULHUB",
"id": "VHN-90148"
}
],
"trust": 1.6166666666666667
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01458"
}
]
},
"last_update_date": "2024-11-23T22:31:00.386000Z",
"patch": {
"_id": null,
"data": [
{
"title": "cisco-sa-20160302-n3k",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-n3k"
},
{
"title": "Patch for Cisco Nexus 3000/3500 Switch Default Credential Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/72206"
},
{
"title": "Cisco Nexus 3000 Series Switches and Cisco Nexus 3500 Platform Switches NX-OS Software Fixes for permission permissions and access control vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60376"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2016/03/03/cisco_stitches_default_root_creds_for_switches/"
},
{
"title": "Cisco: Cisco Nexus 3000 Series and 3500 Platform Switches Insecure Default Credentials Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160302-n3k"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01458"
},
{
"db": "VULMON",
"id": "CVE-2016-1329"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001817"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-011"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90148"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001817"
},
{
"db": "NVD",
"id": "CVE-2016-1329"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.5,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160302-n3k"
},
{
"trust": 1.8,
"url": "https://isc.sans.edu/forums/diary/20795"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1035161"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1329"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1329"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/83945"
},
{
"trust": 0.1,
"url": "https://www.theregister.co.uk/2016/03/03/cisco_stitches_default_root_creds_for_switches/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01458"
},
{
"db": "VULHUB",
"id": "VHN-90148"
},
{
"db": "VULMON",
"id": "CVE-2016-1329"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001817"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-011"
},
{
"db": "NVD",
"id": "CVE-2016-1329"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-01458",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-90148",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2016-1329",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001817",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201603-011",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2016-1329",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01458",
"ident": null
},
{
"date": "2016-03-03T00:00:00",
"db": "VULHUB",
"id": "VHN-90148",
"ident": null
},
{
"date": "2016-03-03T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1329",
"ident": null
},
{
"date": "2016-03-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001817",
"ident": null
},
{
"date": "2016-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-011",
"ident": null
},
{
"date": "2016-03-03T11:59:00.117000",
"db": "NVD",
"id": "CVE-2016-1329",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-03-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01458",
"ident": null
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-90148",
"ident": null
},
{
"date": "2016-12-03T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1329",
"ident": null
},
{
"date": "2016-03-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001817",
"ident": null
},
{
"date": "2016-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-011",
"ident": null
},
{
"date": "2024-11-21T02:46:11.900000",
"db": "NVD",
"id": "CVE-2016-1329",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-011"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Cisco Nexus 3000 and Nexus 3500 Run on device Cisco NX-OS In root Privileged vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001817"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-011"
}
],
"trust": 0.6
}
}
var-201603-0329
Vulnerability from variot
Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579. Cisco NX-OS is a data center level operating system. An unauthenticated remote attacker exploiting this vulnerability could result in a denial of service on the affected device. The following products are affected: Cisco Nexus 1000V Series Switches, Nexus 3000 Series Switches, Nexus 4000 Series Switches, Nexus 5000 Series Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Unified Computing CSuting running NX-OS Software)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0329",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_124"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "base"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_4k"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1_1e"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_3u"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_4b"
},
{
"model": "gs1900-10hp",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "2.50\\(aazi.0\\)c0"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_4j"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_4l"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_3q"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_5b"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2_1d"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_3m"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2_1e"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2_2d"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.6_base"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2_1c"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1_3f"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_1i"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_3l"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_3y"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_3c"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1_3d"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1_1b"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_2r"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_1w"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_4i"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_4f"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_4a"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_3s"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1_3e"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_1t"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_1j"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_1m"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.5_base"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_5c"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2_1b"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_4g"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_5e"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_5f"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_5a"
},
{
"model": "keymouse",
"scope": "eq",
"trust": 1.0,
"vendor": "zzinc",
"version": "3.08"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_2m"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1_2d"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1_3a"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_1x"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_1q"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2_2e"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_5d"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_3b"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_4d"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1_1f"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1_2c"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_3a"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1_1d"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1_3c"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1_1a"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2_2c"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1_3b"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_2q"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0_1s"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4_3i"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1_2a"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.0 to 6.1"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "(ucs)"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "nexus series switche",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5000"
},
{
"model": "nexus series switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6000"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0\\\\\\(3\\\\\\)u5\\\\\\(1c\\\\\\)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0\\\\\\(3\\\\\\)u5\\\\\\(1h\\\\\\)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0\\\\\\(3\\\\\\)u5\\\\\\(1a\\\\\\)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6.0\\\\\\(1\\\\\\)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.1\\\\\\(2\\\\\\)e1\\\\\\(1d\\\\\\)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0\\\\\\(3\\\\\\)u5\\\\\\(1b\\\\\\)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.2\\\\\\(5\\\\\\)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0\\\\\\(3\\\\\\)u5\\\\\\(1d\\\\\\)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.1\\\\\\(2\\\\\\)e1\\\\\\(1b\\\\\\)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.2\\\\\\(7\\\\\\)"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01460"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006993"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-009"
},
{
"db": "NVD",
"id": "CVE-2015-0718"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:nx-os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:unified_computing_system",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006993"
}
]
},
"cve": "CVE-2015-0718",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-0718",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-01460",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-78664",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2015-0718",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-0718",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-0718",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-01460",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-009",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-78664",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01460"
},
{
"db": "VULHUB",
"id": "VHN-78664"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006993"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-009"
},
{
"db": "NVD",
"id": "CVE-2015-0718"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579. Cisco NX-OS is a data center level operating system. An unauthenticated remote attacker exploiting this vulnerability could result in a denial of service on the affected device. The following products are affected: Cisco Nexus 1000V Series Switches, Nexus 3000 Series Switches, Nexus 4000 Series Switches, Nexus 5000 Series Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Unified Computing CSuting running NX-OS Software)",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0718"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006993"
},
{
"db": "CNVD",
"id": "CNVD-2016-01460"
},
{
"db": "VULHUB",
"id": "VHN-78664"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0718",
"trust": 3.1
},
{
"db": "SECTRACK",
"id": "1035159",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1035160",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006993",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-009",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-01460",
"trust": 0.6
},
{
"db": "BID",
"id": "83950",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-78664",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01460"
},
{
"db": "VULHUB",
"id": "VHN-78664"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006993"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-009"
},
{
"db": "NVD",
"id": "CVE-2015-0718"
}
]
},
"id": "VAR-201603-0329",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01460"
},
{
"db": "VULHUB",
"id": "VHN-78664"
}
],
"trust": 1.07560321
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01460"
}
]
},
"last_update_date": "2024-11-23T22:31:00.088000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160302-netstack",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-netstack"
},
{
"title": "Patch for Cisco NX-OSSoftware Denial of Service Vulnerability (CNVD-2016-01460)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/72208"
},
{
"title": "Cisco NX-OS Software TCP Fix for stack denial of service vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60374"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01460"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006993"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-009"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78664"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006993"
},
{
"db": "NVD",
"id": "CVE-2015-0718"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160302-netstack"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035159"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035160"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0718"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0718"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01460"
},
{
"db": "VULHUB",
"id": "VHN-78664"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006993"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-009"
},
{
"db": "NVD",
"id": "CVE-2015-0718"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-01460"
},
{
"db": "VULHUB",
"id": "VHN-78664"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006993"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-009"
},
{
"db": "NVD",
"id": "CVE-2015-0718"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01460"
},
{
"date": "2016-03-03T00:00:00",
"db": "VULHUB",
"id": "VHN-78664"
},
{
"date": "2016-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006993"
},
{
"date": "2016-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-009"
},
{
"date": "2016-03-03T22:59:02.707000",
"db": "NVD",
"id": "CVE-2015-0718"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01460"
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-78664"
},
{
"date": "2016-03-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006993"
},
{
"date": "2016-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-009"
},
{
"date": "2024-11-21T02:23:35.747000",
"db": "NVD",
"id": "CVE-2015-0718"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-009"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Nexus Device and Unified Computing System Run on Cisco NX-OS Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006993"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-009"
}
],
"trust": 0.6
}
}
var-201603-0292
Vulnerability from variot
The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417. Both Cisco IOS and IOSXESoftware are operating systems developed by Cisco for its network devices. A security vulnerability exists in the fragmentation code for the IKE2 version in CiscoIOS and IOSXESoftware because the program failed to properly handle fragmented IKEv2 packets. A remote attacker could exploit the vulnerability by sending a specially crafted UDP packet to cause a denial of service. This issue is being tracked by Cisco Bug ID CSCux38417. Note: The traffic only to the directed system can be exploited by this issue. The vulnerability can be triggered by IPv4 and IPv6 traffic
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0292",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.14s_3.14.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6s_3.6.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3s_3.3.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7e_3.7.3e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.13s_3.13.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.6s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7e_3.7.0e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6s_3.6.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.11s_3.11.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3s_3.3.1s"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7e_3.7.1e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.11s_3.11.4s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.14s_3.14.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8s_3.8.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5s_3.5.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3xo_3.3.1xo"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.15s_3.15.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.6sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8s_3.8.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5e_3.5.1e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3sg_3.3.2sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.12s_3.12.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8s_3.8.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4s_3.4.4s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.6s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.16s_3.16.1as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9s_3.9.0as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9s_3.9.1as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.15s_3.15.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7e_3.7.2e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.14s_3.14.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6e_3.6.2ae"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.17s_3.17.0s"
},
{
"model": "keymouse",
"scope": "eq",
"trust": 1.0,
"vendor": "zzinc",
"version": "3.08"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3sg_3.3.1sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.1xbs"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.15s_3.15.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5e_3.5.2e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.12s_3.12.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.2sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4s_3.4.0as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.1sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.13s_3.13.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.5s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9s_3.9.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.13s_3.13.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4s_3.4.6s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9s_3.9.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3sg_3.3.0sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.14s_3.14.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.12s_3.12.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.16s_3.16.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.12s_3.12.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.4as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6s_3.6.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.5s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.13s_3.13.4s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.13s_3.13.0as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.3sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.16s_3.16.1s"
},
{
"model": "gs1900-10hp",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "2.50\\(aazi.0\\)c0"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.16s_3.16.0cs"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.11s_3.11.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.15s_3.15.1cs"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5e_3.5.0e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4s_3.4.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3xo_3.3.0xo"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.12s_3.12.4s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.2ts"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.5sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6e_3.6.2e"
},
{
"model": "thinkcentre e75s",
"scope": "lt",
"trust": 1.0,
"vendor": "lenovo",
"version": "m16kt61a"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6e_3.6.3e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.0sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9s_3.9.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.13s_3.13.2as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3s_3.3.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8e_3.8.1e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.7sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6e_3.6.0e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8e_3.8.0e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5s_3.5.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.4sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5e_3.5.3e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.11s_3.11.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4s_3.4.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.7s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.11s_3.11.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.4s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4s_3.4.5s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3xo_3.3.2xo"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6e_3.6.1e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4s_3.4.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.4s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5s_3.5.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.13s_3.13.1s"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_124"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4s_3.4.2s"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.0 to 15.6"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.3 to 3.17"
},
{
"model": "ios",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.1\\\\\\(2\\\\\\)sg6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.5\\\\\\(1\\\\\\)s1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.2\\\\\\(2a\\\\\\)e1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.2\\\\\\(4\\\\\\)m6a"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.2\\\\\\(1\\\\\\)sy1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.2\\\\\\(2\\\\\\)e2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.4\\\\\\(3\\\\\\)s3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.5\\\\\\(1\\\\\\)t1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.2\\\\\\(4\\\\\\)gc"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.4\\\\\\(1\\\\\\)t4"
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01920"
},
{
"db": "BID",
"id": "85311"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001908"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-354"
},
{
"db": "NVD",
"id": "CVE-2016-1344"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:ios_xe",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001908"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "85311"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1344",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-1344",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-01920",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-90163",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2016-1344",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1344",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-1344",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-01920",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-354",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-90163",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01920"
},
{
"db": "VULHUB",
"id": "VHN-90163"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001908"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-354"
},
{
"db": "NVD",
"id": "CVE-2016-1344"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417. Both Cisco IOS and IOSXESoftware are operating systems developed by Cisco for its network devices. A security vulnerability exists in the fragmentation code for the IKE2 version in CiscoIOS and IOSXESoftware because the program failed to properly handle fragmented IKEv2 packets. A remote attacker could exploit the vulnerability by sending a specially crafted UDP packet to cause a denial of service. \nThis issue is being tracked by Cisco Bug ID CSCux38417. \nNote: The traffic only to the directed system can be exploited by this issue. The vulnerability can be triggered by IPv4 and IPv6 traffic",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1344"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001908"
},
{
"db": "CNVD",
"id": "CNVD-2016-01920"
},
{
"db": "BID",
"id": "85311"
},
{
"db": "VULHUB",
"id": "VHN-90163"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1344",
"trust": 3.4
},
{
"db": "BID",
"id": "85311",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1035382",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001908",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-354",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-01920",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-90163",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01920"
},
{
"db": "VULHUB",
"id": "VHN-90163"
},
{
"db": "BID",
"id": "85311"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001908"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-354"
},
{
"db": "NVD",
"id": "CVE-2016-1344"
}
]
},
"id": "VAR-201603-0292",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01920"
},
{
"db": "VULHUB",
"id": "VHN-90163"
}
],
"trust": 1.1984383299999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01920"
}
]
},
"last_update_date": "2024-11-23T20:15:08.632000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160323-ios-ikev2",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ios-ikev2"
},
{
"title": "cisco-sa-20160323-ios-ikev2",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/113/1136/1136604_cisco-sa-20160323-ios-ikev2-j.html"
},
{
"title": "Patch for CiscoIOS and IOSXESoftwareInternetKeyExchange Denial of Service Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/73328"
},
{
"title": "Cisco IOS and IOS XE Software IKEv2 Enter the fix for the verification vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60679"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01920"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001908"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-354"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90163"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001908"
},
{
"db": "NVD",
"id": "CVE-2016-1344"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160323-ios-ikev2"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/85311"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035382"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1344"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1344"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01920"
},
{
"db": "VULHUB",
"id": "VHN-90163"
},
{
"db": "BID",
"id": "85311"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001908"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-354"
},
{
"db": "NVD",
"id": "CVE-2016-1344"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-01920"
},
{
"db": "VULHUB",
"id": "VHN-90163"
},
{
"db": "BID",
"id": "85311"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001908"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-354"
},
{
"db": "NVD",
"id": "CVE-2016-1344"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01920"
},
{
"date": "2016-03-26T00:00:00",
"db": "VULHUB",
"id": "VHN-90163"
},
{
"date": "2016-03-23T00:00:00",
"db": "BID",
"id": "85311"
},
{
"date": "2016-03-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001908"
},
{
"date": "2016-03-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-354"
},
{
"date": "2016-03-26T01:59:01.247000",
"db": "NVD",
"id": "CVE-2016-1344"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01920"
},
{
"date": "2017-05-12T00:00:00",
"db": "VULHUB",
"id": "VHN-90163"
},
{
"date": "2017-05-23T16:23:00",
"db": "BID",
"id": "85311"
},
{
"date": "2016-03-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001908"
},
{
"date": "2016-03-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-354"
},
{
"date": "2024-11-21T02:46:13.400000",
"db": "NVD",
"id": "CVE-2016-1344"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-354"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS and IOS XE of IKEv2 Denial of service in implementation (DoS) Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001908"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-354"
}
],
"trust": 0.6
}
}
var-201603-0293
Vulnerability from variot
The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410. Both Cisco IOS and IOSXESoftware are operating systems developed by Cisco for its network devices. This issue is being tracked by Cisco Bug ID CSCuv45410. The following products and versions are affected: Cisco IOS Release 12.2, Release 15.0, Release 15.2, IOS XE Release 3.2 through Release 3.7
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0293",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.3sg"
},
{
"model": "gs1900-10hp",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "2.50\\(aazi.0\\)c0"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7e_3.7.0e"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7e_3.7.1e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5e_3.5.0e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3xo_3.3.0xo"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3xo_3.3.1xo"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3se_3.3.2se"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2se_3.2.3se"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.5sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6e_3.6.2e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.6sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3se_3.3.4se"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.0sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5e_3.5.1e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2se_3.2.2se"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3se_3.3.3se"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6e_3.6.0e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2se_3.2.0se"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7e_3.7.2e"
},
{
"model": "core i5-9400f",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.4sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5e_3.5.3e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6e_3.6.2ae"
},
{
"model": "keymouse",
"scope": "eq",
"trust": 1.0,
"vendor": "zzinc",
"version": "3.08"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2se_3.2.1se"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5e_3.5.2e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.2sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3xo_3.3.2xo"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4sg_3.4.1sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6e_3.6.1e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3se_3.3.1se"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2ja_3.2.0ja"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_124"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3se_3.3.0se"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3se_3.3.5se"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.2"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.2 to 3.7"
},
{
"model": "ios xe software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\\\\\(35\\\\\\)se4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\\\\\(25\\\\\\)seg3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\\\\\(52\\\\\\)ex1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\\\\\(44\\\\\\)se5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\\\\\(58\\\\\\)se2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\\\\\(25\\\\\\)sed1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\\\\\(50\\\\\\)se4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\\\\\(25\\\\\\)seg6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\\\\\(55\\\\\\)ez"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\\\\\(50\\\\\\)se"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01900"
},
{
"db": "BID",
"id": "85308"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001910"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-359"
},
{
"db": "NVD",
"id": "CVE-2016-1349"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:ios_xe",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001910"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tenable Network Security.",
"sources": [
{
"db": "BID",
"id": "85308"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1349",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-1349",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-01900",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-90168",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-1349",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1349",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-1349",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-01900",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-359",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-90168",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01900"
},
{
"db": "VULHUB",
"id": "VHN-90168"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001910"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-359"
},
{
"db": "NVD",
"id": "CVE-2016-1349"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410. Both Cisco IOS and IOSXESoftware are operating systems developed by Cisco for its network devices. \nThis issue is being tracked by Cisco Bug ID CSCuv45410. The following products and versions are affected: Cisco IOS Release 12.2, Release 15.0, Release 15.2, IOS XE Release 3.2 through Release 3.7",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1349"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001910"
},
{
"db": "CNVD",
"id": "CNVD-2016-01900"
},
{
"db": "BID",
"id": "85308"
},
{
"db": "VULHUB",
"id": "VHN-90168"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1349",
"trust": 3.4
},
{
"db": "SECTRACK",
"id": "1035385",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001910",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-359",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-01900",
"trust": 0.6
},
{
"db": "BID",
"id": "85308",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-90168",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01900"
},
{
"db": "VULHUB",
"id": "VHN-90168"
},
{
"db": "BID",
"id": "85308"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001910"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-359"
},
{
"db": "NVD",
"id": "CVE-2016-1349"
}
]
},
"id": "VAR-201603-0293",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01900"
},
{
"db": "VULHUB",
"id": "VHN-90168"
}
],
"trust": 1.1984383299999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01900"
}
]
},
"last_update_date": "2024-11-23T22:13:19.999000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160323-smi",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-smi"
},
{
"title": "cisco-sa-20160323-smi",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/113/1136/1136608_cisco-sa-20160323-smi-j.html"
},
{
"title": "Patch for CiscoIOS and IOSXESoftwareSmartInstallclient Denial of Service Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/73294"
},
{
"title": "Cisco IOS and IOS XE Software Smart Install client Fixes for feature denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60684"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01900"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001910"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-359"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90168"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001910"
},
{
"db": "NVD",
"id": "CVE-2016-1349"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160323-smi"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035385"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1349"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1349"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01900"
},
{
"db": "VULHUB",
"id": "VHN-90168"
},
{
"db": "BID",
"id": "85308"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001910"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-359"
},
{
"db": "NVD",
"id": "CVE-2016-1349"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-01900"
},
{
"db": "VULHUB",
"id": "VHN-90168"
},
{
"db": "BID",
"id": "85308"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001910"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-359"
},
{
"db": "NVD",
"id": "CVE-2016-1349"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01900"
},
{
"date": "2016-03-26T00:00:00",
"db": "VULHUB",
"id": "VHN-90168"
},
{
"date": "2016-03-23T00:00:00",
"db": "BID",
"id": "85308"
},
{
"date": "2016-03-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001910"
},
{
"date": "2016-03-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-359"
},
{
"date": "2016-03-26T01:59:03.120000",
"db": "NVD",
"id": "CVE-2016-1349"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01900"
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-90168"
},
{
"date": "2016-03-23T00:00:00",
"db": "BID",
"id": "85308"
},
{
"date": "2016-03-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001910"
},
{
"date": "2016-03-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-359"
},
{
"date": "2024-11-21T02:46:14.013000",
"db": "NVD",
"id": "CVE-2016-1349"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-359"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS and IOS XE of Smart Install Service disruption in client implementation (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001910"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-359"
}
],
"trust": 0.6
}
}
var-201603-0295
Vulnerability from variot
Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821. Both Cisco IOS and IOSXESoftware are operating systems developed by Cisco for its network devices. Successful exploits may allow attackers to cause the device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCus55821
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0295",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.7e_3.7.2e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.13s_3.13.2as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.12s_3.12.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.12s_3.12.4s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.10s_3.10.1xbs"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.13s_3.13.4s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.16s_3.16.1as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.14s_3.14.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6s_3.6.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.13s_3.13.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.6s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7e_3.7.0e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6s_3.6.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.11s_3.11.0s"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7e_3.7.1e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.11s_3.11.4s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.14s_3.14.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8s_3.8.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5s_3.5.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3xo_3.3.1xo"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.15s_3.15.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8s_3.8.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5e_3.5.1e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.12s_3.12.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8s_3.8.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.6s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9s_3.9.0as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9s_3.9.1as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.15s_3.15.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.14s_3.14.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6e_3.6.2ae"
},
{
"model": "keymouse",
"scope": "eq",
"trust": 1.0,
"vendor": "zzinc",
"version": "3.08"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.15s_3.15.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5e_3.5.2e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.12s_3.12.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.13s_3.13.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.5s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9s_3.9.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.13s_3.13.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9s_3.9.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.14s_3.14.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.16s_3.16.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.12s_3.12.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.4as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6s_3.6.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.5s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.13s_3.13.0as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.16s_3.16.1s"
},
{
"model": "gs1900-10hp",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "2.50\\(aazi.0\\)c0"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.16s_3.16.0cs"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.11s_3.11.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.15s_3.15.1cs"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5e_3.5.0e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3xo_3.3.0xo"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.2ts"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6e_3.6.2e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6e_3.6.3e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9s_3.9.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6e_3.6.0e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8e_3.8.0e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5s_3.5.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5e_3.5.3e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.11s_3.11.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.7s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.11s_3.11.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10s_3.10.4s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.3xo_3.3.2xo"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.6e_3.6.1e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.7s_3.7.4s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5s_3.5.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.13s_3.13.1s"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_124"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.0 to 15.5"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.3 to 3.16"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.0-15.5"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.3-3.16"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.1\\\\\\(1\\\\\\)sy5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.2\\\\\\(1\\\\\\)s2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.2\\\\\\(3\\\\\\)ea"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01906"
},
{
"db": "BID",
"id": "85310"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001909"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-358"
},
{
"db": "NVD",
"id": "CVE-2016-1348"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:ios_xe",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001909"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "85310"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1348",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-1348",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-01906",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-90167",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-1348",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1348",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-1348",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2016-01906",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-358",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-90167",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-1348",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01906"
},
{
"db": "VULHUB",
"id": "VHN-90167"
},
{
"db": "VULMON",
"id": "CVE-2016-1348"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001909"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-358"
},
{
"db": "NVD",
"id": "CVE-2016-1348"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821. Both Cisco IOS and IOSXESoftware are operating systems developed by Cisco for its network devices. \nSuccessful exploits may allow attackers to cause the device to reload, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCus55821",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1348"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001909"
},
{
"db": "CNVD",
"id": "CNVD-2016-01906"
},
{
"db": "BID",
"id": "85310"
},
{
"db": "VULHUB",
"id": "VHN-90167"
},
{
"db": "VULMON",
"id": "CVE-2016-1348"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1348",
"trust": 3.5
},
{
"db": "SECTRACK",
"id": "1035381",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001909",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-358",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-01906",
"trust": 0.6
},
{
"db": "BID",
"id": "85310",
"trust": 0.5
},
{
"db": "VULHUB",
"id": "VHN-90167",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-1348",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01906"
},
{
"db": "VULHUB",
"id": "VHN-90167"
},
{
"db": "VULMON",
"id": "CVE-2016-1348"
},
{
"db": "BID",
"id": "85310"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001909"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-358"
},
{
"db": "NVD",
"id": "CVE-2016-1348"
}
]
},
"id": "VAR-201603-0295",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01906"
},
{
"db": "VULHUB",
"id": "VHN-90167"
}
],
"trust": 1.1050624999999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01906"
}
]
},
"last_update_date": "2024-11-23T22:13:19.959000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160323-dhcpv6",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-dhcpv6"
},
{
"title": "cisco-sa-20160323-dhcpv6",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/113/1136/1136605_cisco-sa-20160323-dhcpv6-j.html"
},
{
"title": "Patch for CiscoIOS and IOSXESoftwareDHCPv6relay Denial of Service Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/73326"
},
{
"title": "Cisco IOS and IOS XE Software DHCPv6 Relay Remediation measures for denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60683"
},
{
"title": "Cisco: Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160323-dhcpv6"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01906"
},
{
"db": "VULMON",
"id": "CVE-2016-1348"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001909"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-358"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90167"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001909"
},
{
"db": "NVD",
"id": "CVE-2016-1348"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160323-dhcpv6"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1035381"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1348"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1348"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html"
},
{
"trust": 0.3,
"url": "www.cisco.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/399.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/85310"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01906"
},
{
"db": "VULHUB",
"id": "VHN-90167"
},
{
"db": "VULMON",
"id": "CVE-2016-1348"
},
{
"db": "BID",
"id": "85310"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001909"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-358"
},
{
"db": "NVD",
"id": "CVE-2016-1348"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-01906"
},
{
"db": "VULHUB",
"id": "VHN-90167"
},
{
"db": "VULMON",
"id": "CVE-2016-1348"
},
{
"db": "BID",
"id": "85310"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001909"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-358"
},
{
"db": "NVD",
"id": "CVE-2016-1348"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01906"
},
{
"date": "2016-03-26T00:00:00",
"db": "VULHUB",
"id": "VHN-90167"
},
{
"date": "2016-03-26T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1348"
},
{
"date": "2016-03-23T00:00:00",
"db": "BID",
"id": "85310"
},
{
"date": "2016-03-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001909"
},
{
"date": "2016-03-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-358"
},
{
"date": "2016-03-26T01:59:02.200000",
"db": "NVD",
"id": "CVE-2016-1348"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01906"
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-90167"
},
{
"date": "2016-12-03T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1348"
},
{
"date": "2016-03-23T00:00:00",
"db": "BID",
"id": "85310"
},
{
"date": "2016-03-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001909"
},
{
"date": "2016-03-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-358"
},
{
"date": "2024-11-21T02:46:13.897000",
"db": "NVD",
"id": "CVE-2016-1348"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-358"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01906"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-358"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-358"
}
],
"trust": 0.6
}
}
var-201604-0006
Vulnerability from variot
Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348. Run on multiple devices Cisco TelePresence Server There is a service disruption ( Device reload ) There are vulnerabilities that are put into a state. Vendors have confirmed this vulnerability Bug ID CSCuv01348 It is released as.Malformed by a third party STUN Service disruption via packets ( Device reload ) There is a possibility of being put into a state. Cisco TelePresence Server is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial of service condition, denying service to legitimate users. This issue is being tracked by Cisco bug ID CSCuv01348. MSE is a platform (Mobile Service Engine) that can provide Wi-Fi services. The platform collects, stores and manages data from wireless clients, Cisco access points and controllers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0006",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gs1900-10hp",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "2.50\\(aazi.0\\)c0"
},
{
"model": "emc powerscale onefs",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "8.2.2"
},
{
"model": "keymouse",
"scope": "eq",
"trust": 1.0,
"vendor": "zzinc",
"version": "3.08"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1\\\\\\(1.95\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1\\\\\\(1.97\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1\\\\\\(1.96\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1\\\\\\(1.82\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1\\\\\\(1.98\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1\\\\\\(1.80\\\\\\)"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007017"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-038"
},
{
"db": "NVD",
"id": "CVE-2015-6312"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:telepresence_server_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007017"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "85879"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6312",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-6312",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-84273",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2015-6312",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6312",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-6312",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-038",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-84273",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84273"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007017"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-038"
},
{
"db": "NVD",
"id": "CVE-2015-6312"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348. Run on multiple devices Cisco TelePresence Server There is a service disruption ( Device reload ) There are vulnerabilities that are put into a state. Vendors have confirmed this vulnerability Bug ID CSCuv01348 It is released as.Malformed by a third party STUN Service disruption via packets ( Device reload ) There is a possibility of being put into a state. Cisco TelePresence Server is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause a denial of service condition, denying service to legitimate users. \nThis issue is being tracked by Cisco bug ID CSCuv01348. MSE is a platform (Mobile Service Engine) that can provide Wi-Fi services. The platform collects, stores and manages data from wireless clients, Cisco access points and controllers",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6312"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007017"
},
{
"db": "BID",
"id": "85879"
},
{
"db": "VULHUB",
"id": "VHN-84273"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6312",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1035500",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007017",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-038",
"trust": 0.7
},
{
"db": "BID",
"id": "85879",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-84273",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84273"
},
{
"db": "BID",
"id": "85879"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007017"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-038"
},
{
"db": "NVD",
"id": "CVE-2015-6312"
}
]
},
"id": "VAR-201604-0006",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84273"
}
],
"trust": 0.5050625
},
"last_update_date": "2024-11-23T22:27:02.511000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160406-cts2",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts2"
},
{
"title": "Cisco TelePresence Server Remediation measures for denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60773"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007017"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-038"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84273"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007017"
},
{
"db": "NVD",
"id": "CVE-2015-6312"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160406-cts2"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035500"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6312"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6312"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84273"
},
{
"db": "BID",
"id": "85879"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007017"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-038"
},
{
"db": "NVD",
"id": "CVE-2015-6312"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-84273"
},
{
"db": "BID",
"id": "85879"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007017"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-038"
},
{
"db": "NVD",
"id": "CVE-2015-6312"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-06T00:00:00",
"db": "VULHUB",
"id": "VHN-84273"
},
{
"date": "2016-04-06T00:00:00",
"db": "BID",
"id": "85879"
},
{
"date": "2016-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007017"
},
{
"date": "2016-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-038"
},
{
"date": "2016-04-06T23:59:00.113000",
"db": "NVD",
"id": "CVE-2015-6312"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-84273"
},
{
"date": "2016-04-06T00:00:00",
"db": "BID",
"id": "85879"
},
{
"date": "2016-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007017"
},
{
"date": "2016-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-038"
},
{
"date": "2024-11-21T02:34:45.453000",
"db": "NVD",
"id": "CVE-2015-6312"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-038"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Run on multiple devices Cisco TelePresence Server Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007017"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-038"
}
],
"trust": 0.6
}
}
var-201602-0063
Vulnerability from variot
Cisco IOS 15.2(4)E on Industrial Ethernet 2000 devices allows remote attackers to cause a denial of service (device reload) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuy27746. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "keymouse",
"scope": "eq",
"trust": 1.0,
"vendor": "zzinc",
"version": "3.08"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.2(4)e (cisco industrial ethernet 2000 series )"
},
{
"_id": null,
"model": "ios software 15.2 e",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "industrial ethernet series switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2000"
},
{
"_id": null,
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.2\\\\\\(4\\\\\\)e"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01126"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001471"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-294"
},
{
"db": "NVD",
"id": "CVE-2016-1330"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001471"
}
]
},
"cve": "CVE-2016-1330",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CVE-2016-1330",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CNVD-2016-01126",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "VHN-90149",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2016-1330",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1330",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-1330",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-01126",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-294",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-90149",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-1330",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01126"
},
{
"db": "VULHUB",
"id": "VHN-90149"
},
{
"db": "VULMON",
"id": "CVE-2016-1330"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001471"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-294"
},
{
"db": "NVD",
"id": "CVE-2016-1330"
}
]
},
"description": {
"_id": null,
"data": "Cisco IOS 15.2(4)E on Industrial Ethernet 2000 devices allows remote attackers to cause a denial of service (device reload) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuy27746. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1330"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001471"
},
{
"db": "CNVD",
"id": "CNVD-2016-01126"
},
{
"db": "VULHUB",
"id": "VHN-90149"
},
{
"db": "VULMON",
"id": "CVE-2016-1330"
}
],
"trust": 2.34
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2016-1330",
"trust": 3.2
},
{
"db": "SECTRACK",
"id": "1035013",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001471",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-01126",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "32462",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201602-294",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-90149",
"trust": 0.1
},
{
"db": "BID",
"id": "83258",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-1330",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01126"
},
{
"db": "VULHUB",
"id": "VHN-90149"
},
{
"db": "VULMON",
"id": "CVE-2016-1330"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001471"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-294"
},
{
"db": "NVD",
"id": "CVE-2016-1330"
}
]
},
"id": "VAR-201602-0063",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01126"
},
{
"db": "VULHUB",
"id": "VHN-90149"
}
],
"trust": 1.3666667
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01126"
}
]
},
"last_update_date": "2024-11-23T21:43:22.697000Z",
"patch": {
"_id": null,
"data": [
{
"title": "cisco-sa-20160215-ie2000",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160215-ie2000"
},
{
"title": "Patch for Cisco IOS Denial of Service Vulnerability (CNVD-2016-01126)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/71524"
},
{
"title": "Cisco: Cisco IOS Software for Cisco Industrial Ethernet 2000 Series Switches Denial of Service Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160215-ie2000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01126"
},
{
"db": "VULMON",
"id": "CVE-2016-1330"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001471"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90149"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001471"
},
{
"db": "NVD",
"id": "CVE-2016-1330"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.5,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160215-ie2000"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1035013"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1330"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1330"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/32462"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/399.html"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/83258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01126"
},
{
"db": "VULHUB",
"id": "VHN-90149"
},
{
"db": "VULMON",
"id": "CVE-2016-1330"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001471"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-294"
},
{
"db": "NVD",
"id": "CVE-2016-1330"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-01126",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-90149",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2016-1330",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001471",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201602-294",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2016-1330",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2016-02-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01126",
"ident": null
},
{
"date": "2016-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-90149",
"ident": null
},
{
"date": "2016-02-15T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1330",
"ident": null
},
{
"date": "2016-02-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001471",
"ident": null
},
{
"date": "2016-02-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-294",
"ident": null
},
{
"date": "2016-02-15T23:59:03.083000",
"db": "NVD",
"id": "CVE-2016-1330",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2016-02-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01126",
"ident": null
},
{
"date": "2016-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-90149",
"ident": null
},
{
"date": "2016-12-06T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1330",
"ident": null
},
{
"date": "2016-02-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001471",
"ident": null
},
{
"date": "2016-02-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-294",
"ident": null
},
{
"date": "2024-11-21T02:46:12.007000",
"db": "NVD",
"id": "CVE-2016-1330",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-294"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Cisco Industrial Ethernet 2000 Run on device Cisco IOS Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001471"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-294"
}
],
"trust": 0.6
}
}
var-201604-0566
Vulnerability from variot
The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673. Cisco TelePresence Server is prone to a denial-of-service vulnerability. Exploiting this issue allows remote attackers to trigger kernel panics, denying further service to legitimate users. This issue is being tracked by Cisco bug ID CSCuu46673
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0566",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "emc powerscale onefs",
"scope": "eq",
"trust": 1.0,
"vendor": "dell",
"version": "8.2.2"
},
{
"model": "keymouse",
"scope": "eq",
"trust": 1.0,
"vendor": "zzinc",
"version": "3.08"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "jr6150",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "2017-01-06"
},
{
"model": "gs1900-10hp",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "2.50\\(aazi.0\\)c0"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.0 to 4.2(4.18)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1\\\\\\(1.95\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.0\\\\\\(1.57\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.0\\\\\\(2.48\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1\\\\\\(1.82\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1\\\\\\(1.98\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.0\\\\\\(2.24\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.0\\\\\\(2.8\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.1\\\\\\(1.80\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.0\\\\\\(2.49\\\\\\)"
},
{
"model": "telepresence server software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.0\\\\\\(2.46\\\\\\)"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001948"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-049"
},
{
"db": "NVD",
"id": "CVE-2016-1346"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:telepresence_server_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001948"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "85891"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1346",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-1346",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-90165",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2016-1346",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1346",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-1346",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-049",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-90165",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90165"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001948"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-049"
},
{
"db": "NVD",
"id": "CVE-2016-1346"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673. Cisco TelePresence Server is prone to a denial-of-service vulnerability. \nExploiting this issue allows remote attackers to trigger kernel panics, denying further service to legitimate users. \nThis issue is being tracked by Cisco bug ID CSCuu46673",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1346"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001948"
},
{
"db": "BID",
"id": "85891"
},
{
"db": "VULHUB",
"id": "VHN-90165"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1346",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1035499",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001948",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-049",
"trust": 0.7
},
{
"db": "BID",
"id": "85891",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-90165",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90165"
},
{
"db": "BID",
"id": "85891"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001948"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-049"
},
{
"db": "NVD",
"id": "CVE-2016-1346"
}
]
},
"id": "VAR-201604-0566",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90165"
}
],
"trust": 0.5050625
},
"last_update_date": "2024-11-23T23:05:36.021000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160406-cts",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts"
},
{
"title": "Cisco Mobility Services Engine TelePresence Server Remediation measures for denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60784"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001948"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-049"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90165"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001948"
},
{
"db": "NVD",
"id": "CVE-2016-1346"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160406-cts"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035499"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1346"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1346"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90165"
},
{
"db": "BID",
"id": "85891"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001948"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-049"
},
{
"db": "NVD",
"id": "CVE-2016-1346"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90165"
},
{
"db": "BID",
"id": "85891"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001948"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-049"
},
{
"db": "NVD",
"id": "CVE-2016-1346"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-06T00:00:00",
"db": "VULHUB",
"id": "VHN-90165"
},
{
"date": "2016-04-06T00:00:00",
"db": "BID",
"id": "85891"
},
{
"date": "2016-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001948"
},
{
"date": "2016-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-049"
},
{
"date": "2016-04-06T23:59:13.740000",
"db": "NVD",
"id": "CVE-2016-1346"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-90165"
},
{
"date": "2016-04-06T00:00:00",
"db": "BID",
"id": "85891"
},
{
"date": "2016-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001948"
},
{
"date": "2016-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-049"
},
{
"date": "2024-11-21T02:46:13.650000",
"db": "NVD",
"id": "CVE-2016-1346"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-049"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Mobility Services Engine 8710 Run on device TelePresence Server Service disruption in some kernels (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001948"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-049"
}
],
"trust": 0.6
}
}
var-201602-0048
Vulnerability from variot
The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which makes it easier for remote attackers to obtain access via an XMPP session, aka Bug ID CSCuw79085. Vendors have confirmed this vulnerability Bug ID CSCuw79085 It is released as.By a third party XMPP Access may be gained through a session. Attackers can exploit this issue to gain unauthorized access to the affected application. This may allow an attacker to obtain and modify sensitive information. This issue is being tracked by Cisco bug IDs CSCuw79085 and CSCuw86638. Cisco Finesse Desktop is a suite of next-generation agent and desktop management software for customer collaboration solutions; Unified CCX is a customer relationship management component of a unified communications solution. This component integrates agent application and self-service voice service, and provides functions such as call distribution and customer access control
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0048",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gs1900-10hp",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "2.50\\(aazi.0\\)c0"
},
{
"model": "keymouse",
"scope": "eq",
"trust": 1.0,
"vendor": "zzinc",
"version": "3.08"
},
{
"model": "finesse",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "10.5(1)"
},
{
"model": "finesse",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0(1)"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "10.6(1)"
},
{
"model": "finesse",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "10.5\\\\\\(1\\\\\\)_base"
},
{
"model": "finesse",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "11.0\\\\\\(1\\\\\\)_base"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "10.6\\\\\\(1\\\\\\)"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001493"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-143"
},
{
"db": "NVD",
"id": "CVE-2016-1307"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:finesse",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:unified_contact_center_express",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001493"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco.",
"sources": [
{
"db": "BID",
"id": "82400"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1307",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2016-1307",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-90126",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2016-1307",
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1307",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-1307",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-143",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-90126",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90126"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001493"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-143"
},
{
"db": "NVD",
"id": "CVE-2016-1307"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which makes it easier for remote attackers to obtain access via an XMPP session, aka Bug ID CSCuw79085. Vendors have confirmed this vulnerability Bug ID CSCuw79085 It is released as.By a third party XMPP Access may be gained through a session. \nAttackers can exploit this issue to gain unauthorized access to the affected application. This may allow an attacker to obtain and modify sensitive information. \nThis issue is being tracked by Cisco bug IDs CSCuw79085 and CSCuw86638. Cisco Finesse Desktop is a suite of next-generation agent and desktop management software for customer collaboration solutions; Unified CCX is a customer relationship management component of a unified communications solution. This component integrates agent application and self-service voice service, and provides functions such as call distribution and customer access control",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1307"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001493"
},
{
"db": "BID",
"id": "82400"
},
{
"db": "VULHUB",
"id": "VHN-90126"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1307",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1034921",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1034920",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001493",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-143",
"trust": 0.7
},
{
"db": "BID",
"id": "82400",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-90126",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90126"
},
{
"db": "BID",
"id": "82400"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001493"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-143"
},
{
"db": "NVD",
"id": "CVE-2016-1307"
}
]
},
"id": "VAR-201602-0048",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90126"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:56:22.681000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160202-fducce",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-fducce"
},
{
"title": "Cisco Finesse Desktop and Unified Contact Center Express Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60091"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001493"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-143"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
},
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90126"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001493"
},
{
"db": "NVD",
"id": "CVE-2016-1307"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160202-fducce"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034920"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034921"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1307"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1307"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90126"
},
{
"db": "BID",
"id": "82400"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001493"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-143"
},
{
"db": "NVD",
"id": "CVE-2016-1307"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90126"
},
{
"db": "BID",
"id": "82400"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001493"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-143"
},
{
"db": "NVD",
"id": "CVE-2016-1307"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-07T00:00:00",
"db": "VULHUB",
"id": "VHN-90126"
},
{
"date": "2016-02-02T00:00:00",
"db": "BID",
"id": "82400"
},
{
"date": "2016-02-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001493"
},
{
"date": "2016-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-143"
},
{
"date": "2016-02-07T11:59:03.880000",
"db": "NVD",
"id": "CVE-2016-1307"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-90126"
},
{
"date": "2016-07-05T21:21:00",
"db": "BID",
"id": "82400"
},
{
"date": "2016-02-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001493"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-143"
},
{
"date": "2024-11-21T02:46:09.473000",
"db": "NVD",
"id": "CVE-2016-1307"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-143"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Finesse Desktop and Unified Contact Center Express of Openfire Vulnerability to gain access rights on the server",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001493"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-143"
}
],
"trust": 0.6
}
}
var-201603-0294
Vulnerability from variot
Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293. Vendors have confirmed this vulnerability Bug ID CSCuj23293 It is released as.Malformed by a third party SIP Service disruption via message ( Device reload ) There is a possibility of being put into a state. An attacker can exploit this issue to cause the device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug IDs CSCuj23293 and CSCuv39370. Session Initiation Protocol (SIP) is one of the session initiation protocols. There are security vulnerabilities in the SIP protocol of several Cisco products. The following products and versions are affected: Cisco IOS Release 15.3, Release 15.4, IOS XE Release 3.8 to Release 3.11, CUCM Release 8.x, Release 9.x, Release 10.x, Release 11.x
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0294",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios xe",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.9.0as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9.1as"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.8.2s"
},
{
"model": "gs1900-10hp",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "2.50\\(aazi.0\\)c0"
},
{
"model": "thinkcentre e75s",
"scope": "lt",
"trust": 1.0,
"vendor": "lenovo",
"version": "m16kt61a"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10.1xbs"
},
{
"model": "keymouse",
"scope": "eq",
"trust": 1.0,
"vendor": "zzinc",
"version": "3.08"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.9.1s"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_124"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.11.0s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.10.2s"
},
{
"model": "unified communications manager",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "11.x"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0(1)su1"
},
{
"model": "unified communications manager",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "10.x"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.8 to 3.11"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "10.5(2)su3"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "8.x"
},
{
"model": "unified communications manager",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "9.x"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "9.1(2)su4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.4"
},
{
"model": "unified communications manager 8.0 su1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "unified communications manager 8.0",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.3\\\\\\(2\\\\\\)s0a"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.3\\\\\\(1\\\\\\)t2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.3\\\\\\(2\\\\\\)t"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.3\\\\\\(2\\\\\\)t1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.3\\\\\\(2\\\\\\)s2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.4\\\\\\(1\\\\\\)t"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.3\\\\\\(1\\\\\\)t"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.3\\\\\\(1\\\\\\)t1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "15.3\\\\\\(2\\\\\\)t2"
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6.2"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6.1"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.(2.10000.28)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6.3"
},
{
"model": "unified communications manager be3k",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6(4)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6(4)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6(3)"
},
{
"model": "unified communications manager 8.6 su3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified communications manager 8.6",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6(1)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5.1"
},
{
"model": "unified communications manager 8.5 su4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified communications manager 8.5 su1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.4"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1"
},
{
"model": "unified communications manager 8.0 su3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0(3)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0(2)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0(1)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0(0.98000.106)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.5(0.98000.480)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "11.0(0.98000.225)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(0.98000.88)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "10.5(1.98991.13)"
},
{
"model": "ios xe software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "unified communications manager 9.1 su4",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified communications manager 11.0 su1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "unified communications manager 10.5 su3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "85372"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001911"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-356"
},
{
"db": "NVD",
"id": "CVE-2016-1350"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:ios_xe",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:unified_communications_manager",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001911"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "85372"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1350",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-1350",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-90169",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-1350",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1350",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-1350",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-356",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-90169",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90169"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001911"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-356"
},
{
"db": "NVD",
"id": "CVE-2016-1350"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293. Vendors have confirmed this vulnerability Bug ID CSCuj23293 It is released as.Malformed by a third party SIP Service disruption via message ( Device reload ) There is a possibility of being put into a state. \nAn attacker can exploit this issue to cause the device to reload, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug IDs CSCuj23293 and CSCuv39370. Session Initiation Protocol (SIP) is one of the session initiation protocols. There are security vulnerabilities in the SIP protocol of several Cisco products. The following products and versions are affected: Cisco IOS Release 15.3, Release 15.4, IOS XE Release 3.8 to Release 3.11, CUCM Release 8.x, Release 9.x, Release 10.x, Release 11.x",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1350"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001911"
},
{
"db": "BID",
"id": "85372"
},
{
"db": "VULHUB",
"id": "VHN-90169"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1350",
"trust": 2.8
},
{
"db": "BID",
"id": "85372",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1035420",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1035421",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001911",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-356",
"trust": 0.7
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-90169",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90169"
},
{
"db": "BID",
"id": "85372"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001911"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-356"
},
{
"db": "NVD",
"id": "CVE-2016-1350"
}
]
},
"id": "VAR-201603-0294",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90169"
}
],
"trust": 0.69181416
},
"last_update_date": "2024-11-23T20:57:42.480000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160323-sip",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip"
},
{
"title": "cisco-sa-20160323-sip",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/113/1136/1136603_cisco-sa-20160323-sip-j.html"
},
{
"title": "Multiple Cisco product Session Initiation Protocol Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60681"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001911"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-356"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90169"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001911"
},
{
"db": "NVD",
"id": "CVE-2016-1350"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160323-sip"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/85372"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035420"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035421"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1350"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1350"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160323-sip "
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90169"
},
{
"db": "BID",
"id": "85372"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001911"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-356"
},
{
"db": "NVD",
"id": "CVE-2016-1350"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90169"
},
{
"db": "BID",
"id": "85372"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001911"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-356"
},
{
"db": "NVD",
"id": "CVE-2016-1350"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-26T00:00:00",
"db": "VULHUB",
"id": "VHN-90169"
},
{
"date": "2016-03-23T00:00:00",
"db": "BID",
"id": "85372"
},
{
"date": "2016-03-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001911"
},
{
"date": "2016-03-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-356"
},
{
"date": "2016-03-26T01:59:04.090000",
"db": "NVD",
"id": "CVE-2016-1350"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-12T00:00:00",
"db": "VULHUB",
"id": "VHN-90169"
},
{
"date": "2017-05-23T16:23:00",
"db": "BID",
"id": "85372"
},
{
"date": "2016-03-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001911"
},
{
"date": "2016-03-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-356"
},
{
"date": "2024-11-21T02:46:14.123000",
"db": "NVD",
"id": "CVE-2016-1350"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-356"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS and Unified Communications Manager Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001911"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-356"
}
],
"trust": 0.6
}
}
var-201602-0057
Vulnerability from variot
Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958. plural Cisco The product stores a plaintext encryption key, so there is a vulnerability that allows important information to be obtained. Vendors have confirmed this vulnerability Bug ID CSCuv85958 It is released as.Local users may get important information. Cisco Unified Communications Manager (also known as CallManager) and others are products of Cisco (Cisco). CallManager is a call processing component in a unified communication system. A local attacker could exploit this vulnerability to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0057",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "keymouse",
"scope": "eq",
"trust": 1.0,
"vendor": "zzinc",
"version": "3.08"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_124"
},
{
"model": "gs1900-10hp",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "2.50\\(aazi.0\\)c0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "10.5(2.10000.5)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "10.5(2.12901.1)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0(1.10000.10)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "9.1(2.10000.28)"
},
{
"model": "unified communications manager im and presence service",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "10.5(2)"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0(1)"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "10.5(2)"
},
{
"model": "unified communications manager im and presence service",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "10.5\\\\\\(2\\\\\\)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9.1\\\\\\(2.10000.28\\\\\\)"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "10.5\\\\\\(2\\\\\\)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "10.5\\\\\\(2.10000.5\\\\\\)"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "11.0\\\\\\(1\\\\\\)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "11.0\\\\\\(1.10000.10\\\\\\)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "10.5\\\\\\(2.12901.1\\\\\\)"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
},
{
"db": "NVD",
"id": "CVE-2016-1319"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:unified_communications_manager",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:unified_communications_manager_im_and_presence_service",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:unified_contact_center_express",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:unity_connection",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
}
]
},
"cve": "CVE-2016-1319",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-1319",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-90138",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2016-1319",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1319",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-1319",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-172",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-90138",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90138"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
},
{
"db": "NVD",
"id": "CVE-2016-1319"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM \u0026 Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958. plural Cisco The product stores a plaintext encryption key, so there is a vulnerability that allows important information to be obtained. Vendors have confirmed this vulnerability Bug ID CSCuv85958 It is released as.Local users may get important information. Cisco Unified Communications Manager (also known as CallManager) and others are products of Cisco (Cisco). CallManager is a call processing component in a unified communication system. A local attacker could exploit this vulnerability to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1319"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "VULHUB",
"id": "VHN-90138"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1319",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1034959",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1034958",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1034960",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001497",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-172",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-90138",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90138"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
},
{
"db": "NVD",
"id": "CVE-2016-1319"
}
]
},
"id": "VAR-201602-0057",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90138"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:22:47.230000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160208-ucm",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-ucm"
},
{
"title": "Multiple Cisco Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60115"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90138"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "NVD",
"id": "CVE-2016-1319"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160208-ucm"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034958"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034959"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034960"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1319"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1319"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90138"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
},
{
"db": "NVD",
"id": "CVE-2016-1319"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90138"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
},
{
"db": "NVD",
"id": "CVE-2016-1319"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-09T00:00:00",
"db": "VULHUB",
"id": "VHN-90138"
},
{
"date": "2016-02-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-172"
},
{
"date": "2016-02-09T03:59:03.320000",
"db": "NVD",
"id": "CVE-2016-1319"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-90138"
},
{
"date": "2016-02-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-172"
},
{
"date": "2024-11-21T02:46:10.783000",
"db": "NVD",
"id": "CVE-2016-1319"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Vulnerabilities in which important information is obtained in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
}
],
"trust": 0.6
}
}
Vulnerability from fkie_nvd
Published
2022-03-10 17:46
Modified
2024-11-21 06:50
Severity ?
Summary
ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://keymouse.com | Product, Vendor Advisory | |
| cve@mitre.org | https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://keymouse.com | Product, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zzinc | keymouse_firmware | 2.02 | |
| zzinc | keymouse_firmware | 3.05 | |
| zzinc | keymouse_firmware | 3.08 | |
| zzinc | keymouse | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:zzinc:keymouse_firmware:2.02:*:*:*:*:windows:*:*",
"matchCriteriaId": "6CC02B3A-2D29-44E6-89F7-5F3967F97C3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zzinc:keymouse_firmware:3.05:*:*:*:*:windows:*:*",
"matchCriteriaId": "F63ABA6C-4739-4008-A600-ED192ECC9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:zzinc:keymouse_firmware:3.08:*:*:*:*:windows:*:*",
"matchCriteriaId": "83223AC7-22F3-4FCA-B11B-B769086DCF04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zzinc:keymouse:-:*:*:*:*:*:*:*",
"matchCriteriaId": "358799FD-822A-4CDB-9AF0-206D174C7FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse."
},
{
"lang": "es",
"value": "ZZ Inc. KeyMouse Windows versiones 3.08 y anteriores, est\u00e1 afectado por una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota durante una actualizaci\u00f3n no autenticada. Para explotar esta vulnerabilidad, un usuario debe desencadenar una actualizaci\u00f3n de una instalaci\u00f3n afectada de KeyMouse"
}
],
"id": "CVE-2022-24644",
"lastModified": "2024-11-21T06:50:47.263",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:46:23.760",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "http://keymouse.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "http://keymouse.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-494"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-24644 (GCVE-0-2022-24644)
Vulnerability from cvelistv5
Published
2022-03-07 21:55
Modified
2024-08-03 04:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse.
References
| ▼ | URL | Tags |
|---|---|---|
| http://keymouse.com | x_refsource_MISC | |
| https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:13:56.976Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://keymouse.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T21:55:42",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://keymouse.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-24644",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://keymouse.com",
"refsource": "MISC",
"url": "http://keymouse.com"
},
{
"name": "https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf",
"refsource": "MISC",
"url": "https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-24644",
"datePublished": "2022-03-07T21:55:42",
"dateReserved": "2022-02-07T00:00:00",
"dateUpdated": "2024-08-03T04:13:56.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}