cvelistv5 - cve-2016-6423

CVE-2016-6423 (GCVE-0-2016-6423)

Vulnerability from cvelistv5

Published

2016-10-05 20:00

Modified

2024-08-06 01:29

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

gsd-2016-6423

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2016-6423

Aliases

CVE-2016-6423

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-6423",
    "description": "The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M and IOS XE allow remote IKEv2 servers to cause a denial of service (device reload) via crafted IKEv2 packets, aka Bug ID CSCux97540.",
    "id": "GSD-2016-6423"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-6423"
      ],
      "details": "The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M and IOS XE allow remote IKEv2 servers to cause a denial of service (device reload) via crafted IKEv2 packets, aka Bug ID CSCux97540.",
      "id": "GSD-2016-6423",
      "modified": "2023-12-13T01:21:23.776638Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2016-6423",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M and IOS XE allow remote IKEv2 servers to cause a denial of service (device reload) via crafted IKEv2 packets, aka Bug ID CSCux97540."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1036955",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1036955"
          },
          {
            "name": "93411",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/93411"
          },
          {
            "name": "20161005 Cisco IOS and IOS XE IKEv2 Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ios-ikev"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-6423"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M and IOS XE allow remote IKEv2 servers to cause a denial of service (device reload) via crafted IKEv2 packets, aka Bug ID CSCux97540."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20161005 Cisco IOS and IOS XE IKEv2 Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ios-ikev"
            },
            {
              "name": "93411",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/93411"
            },
            {
              "name": "1036955",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1036955"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 6.8,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2017-07-30T01:29Z",
      "publishedDate": "2016-10-05T20:59Z"
    }
  }
}

ghsa-f765-58h8-hwq6

Vulnerability from github

Published

2022-05-17 02:21

Modified

2022-05-17 02:21

Severity ?

6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-6423"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-10-05T20:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M and IOS XE allow remote IKEv2 servers to cause a denial of service (device reload) via crafted IKEv2 packets, aka Bug ID CSCux97540.",
  "id": "GHSA-f765-58h8-hwq6",
  "modified": "2022-05-17T02:21:49Z",
  "published": "2022-05-17T02:21:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6423"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ios-ikev"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/93411"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1036955"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

cnvd-2016-09465

Vulnerability from cnvd

Title

Cisco IOS XE拒绝服务漏洞（CNVD-2016-09465）

Description

Cisco IOS XE是美国思科（Cisco）公司的下一代网络运营商路由系统，一个完全模块化完全分布式的网络互联操作系统。 Cisco IOS XE存在拒绝服务漏洞，允许攻击者通过特制的IKEv2数据包，利用该漏洞造成拒绝服务（设备重载）。

Severity

中

Patch Name

Cisco IOS XE拒绝服务漏洞（CNVD-2016-09465）的补丁

Patch Description

Cisco IOS XE是美国思科（Cisco）公司的下一代网络运营商路由系统，一个完全模块化完全分布式的网络互联操作系统。 Cisco IOS XE存在拒绝服务漏洞，允许攻击者通过特制的IKEv2数据包，利用该漏洞造成拒绝服务（设备重载）。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞： http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ios-ikev

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ios-ikev

Impacted products

Name
Cisco IOS XE

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-6423"
    }
  },
  "description": "Cisco IOS XE\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e0b\u4e00\u4ee3\u7f51\u7edc\u8fd0\u8425\u5546\u8def\u7531\u7cfb\u7edf\uff0c\u4e00\u4e2a\u5b8c\u5168\u6a21\u5757\u5316\u5b8c\u5168\u5206\u5e03\u5f0f\u7684\u7f51\u7edc\u4e92\u8054\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco IOS XE\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236\u7684IKEv2\u6570\u636e\u5305\uff0c\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8bbe\u5907\u91cd\u8f7d\uff09\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ios-ikev",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-09465",
  "openTime": "2016-10-19",
  "patchDescription": "Cisco IOS XE\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e0b\u4e00\u4ee3\u7f51\u7edc\u8fd0\u8425\u5546\u8def\u7531\u7cfb\u7edf\uff0c\u4e00\u4e2a\u5b8c\u5168\u6a21\u5757\u5316\u5b8c\u5168\u5206\u5e03\u5f0f\u7684\u7f51\u7edc\u4e92\u8054\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco IOS XE\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7\u7279\u5236\u7684IKEv2\u6570\u636e\u5305\uff0c\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8bbe\u5907\u91cd\u8f7d\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco IOS XE\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-09465\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco IOS XE"
  },
  "referenceLink": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ios-ikev",
  "serverity": "\u4e2d",
  "submitTime": "2016-10-13",
  "title": "Cisco IOS XE\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-09465\uff09"
}

fkie_cve-2016-6423

Vulnerability from fkie_nvd

Published

2016-10-05 20:59

Modified

2025-04-12 10:46

Severity ?

6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ios-ikev	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/93411
psirt@cisco.com	http://www.securitytracker.com/id/1036955
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ios-ikev	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/93411
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036955

Impacted products

	Vendor	Product	Version
	cisco	ios	15.5\(3\)m

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "716EC9AA-0569-4FA7-A244-1A14FA15C5AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M and IOS XE allow remote IKEv2 servers to cause a denial of service (device reload) via crafted IKEv2 packets, aka Bug ID CSCux97540."
    },
    {
      "lang": "es",
      "value": "Las implementaciones cliente e iniciador IKEv2 en Cisco IOS 15.5(3)M e IOS XE permiten a servidores IKEv2 remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) a trav\u00e9s de paquetes IKEv2 manipulados, vulnerabilidad tambi\u00e9n conocida como ID CSCux97540."
    }
  ],
  "id": "CVE-2016-6423",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-10-05T20:59:10.120",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ios-ikev"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/93411"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1036955"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ios-ikev"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/93411"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036955"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

De multiples vulnérabilités ont été corrigées dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

De multiples produits sont impactés. Se référer au bulletin de l'éditeur pour la liste exhaustive des produits.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20161005-ios-ikev du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-bgp du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-nxaaa du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-ucis3 du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-chs du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-dhcp2 du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-ftmc du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-asa-dhcp du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-catalyst du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-ftmc2 du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-ucis1 du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-n9kinfo du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-dhcp1 du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-ftmc1 du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-otv du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-iosxr du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-ucis2 du 05 octobre 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20161005-ucis1 du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-ios-ikev du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-chs du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-dhcp2 du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-ucis2 du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-dhcp1 du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-n9kinfo du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-catalyst du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-ftmc2 du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-bgp du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-iosxr du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-otv du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-ucis3 du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-asa-dhcp du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-ftmc1 du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-nxaaa du 05 octobre 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20161005-ftmc du 05 octobre 2016	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eDe multiples produits sont impact\u00e9s. Se r\u00e9f\u00e9rer au bulletin de  l\u0027\u00e9diteur pour la liste exhaustive des produits.\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-1454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1454"
    },
    {
      "name": "CVE-2016-1455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1455"
    },
    {
      "name": "CVE-2016-6425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6425"
    },
    {
      "name": "CVE-2016-6433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6433"
    },
    {
      "name": "CVE-2016-6422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6422"
    },
    {
      "name": "CVE-2016-6434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6434"
    },
    {
      "name": "CVE-2016-6427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6427"
    },
    {
      "name": "CVE-2016-6426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6426"
    },
    {
      "name": "CVE-2016-6423",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6423"
    },
    {
      "name": "CVE-2015-0721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0721"
    },
    {
      "name": "CVE-2016-6428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6428"
    },
    {
      "name": "CVE-2015-6393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6393"
    },
    {
      "name": "CVE-2016-1453",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1453"
    },
    {
      "name": "CVE-2016-6435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6435"
    },
    {
      "name": "CVE-2016-6436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6436"
    },
    {
      "name": "CVE-2015-6392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6392"
    },
    {
      "name": "CVE-2016-6424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6424"
    }
  ],
  "initial_release_date": "2016-10-06T00:00:00",
  "last_revision_date": "2016-10-06T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ucis1 du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ucis1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ios-ikev du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ios-ikev"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-chs du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-chs"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-dhcp2 du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp2"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ucis2 du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ucis2"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-dhcp1 du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-n9kinfo du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-n9kinfo"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-catalyst du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-catalyst"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ftmc2 du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ftmc2"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-bgp du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-iosxr du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-iosxr"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-otv du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ucis3 du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ucis3"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-asa-dhcp du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ftmc1 du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ftmc1"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-nxaaa du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ftmc du 05    octobre 2016",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ftmc"
    }
  ],
  "reference": "CERTFR-2016-AVI-331",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-10-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eCisco\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ios-ikev du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-bgp du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-nxaaa du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ucis3 du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-chs du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-dhcp2 du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ftmc du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-asa-dhcp du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-catalyst du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ftmc2 du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ucis1 du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-n9kinfo du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-dhcp1 du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ftmc1 du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-otv du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-iosxr du 05 octobre 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20161005-ucis2 du 05 octobre 2016",
      "url": null
    }
  ]
}

var-201610-0274

Vulnerability from variot

The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M and IOS XE allow remote IKEv2 servers to cause a denial of service (device reload) via crafted IKEv2 packets, aka Bug ID CSCux97540. Cisco IOSXE is Cisco's next-generation network operator routing system, a fully modular and fully distributed network interconnection operating system. Cisco IOS and IOS XE Software are prone to a denial-of-service vulnerability. This issue is being tracked by Cisco Bug ID CSCux97540

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201610-0274",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "15.5\\(3\\)m"
      },
      {
        "model": "ios xe",
        "scope": null,
        "trust": 1.4,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "15.5(3)m"
      },
      {
        "model": "ios xe software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-09465"
      },
      {
        "db": "BID",
        "id": "93411"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005162"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-078"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6423"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:cisco:ios",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:cisco:ios_xe",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005162"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco.",
    "sources": [
      {
        "db": "BID",
        "id": "93411"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-6423",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.8,
            "id": "CVE-2016-6423",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.8,
            "id": "CNVD-2016-09465",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.8,
            "id": "VHN-95243",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:S/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2016-6423",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-6423",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2016-6423",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-09465",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201610-078",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-95243",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-09465"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95243"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005162"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-078"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6423"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M and IOS XE allow remote IKEv2 servers to cause a denial of service (device reload) via crafted IKEv2 packets, aka Bug ID CSCux97540. Cisco IOSXE is Cisco\u0027s next-generation network operator routing system, a fully modular and fully distributed network interconnection operating system. Cisco IOS and IOS XE Software are prone to a denial-of-service vulnerability. \nThis issue is being tracked by Cisco Bug ID CSCux97540",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-6423"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005162"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-09465"
      },
      {
        "db": "BID",
        "id": "93411"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95243"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-6423",
        "trust": 3.4
      },
      {
        "db": "SECTRACK",
        "id": "1036955",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "93411",
        "trust": 1.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005162",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-078",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-09465",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-95243",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-09465"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95243"
      },
      {
        "db": "BID",
        "id": "93411"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005162"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-078"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6423"
      }
    ]
  },
  "id": "VAR-201610-0274",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-09465"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95243"
      }
    ],
    "trust": 1.29181416
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-09465"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:42:44.446000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20161005-ios-ikev",
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ios-ikev"
      },
      {
        "title": "Patch for Cisco IOSXE Denial of Service Vulnerability (CNVD-2016-09465)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/82552"
      },
      {
        "title": "Cisco IOS  and IOS XE Remediation measures for denial of service vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64506"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-09465"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005162"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-078"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-399",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-95243"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005162"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6423"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161005-ios-ikev"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/93411"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1036955"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6423"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6423"
      },
      {
        "trust": 0.6,
        "url": "http://securitytracker.com/id/1036955"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-09465"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95243"
      },
      {
        "db": "BID",
        "id": "93411"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005162"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-078"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6423"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-09465"
      },
      {
        "db": "VULHUB",
        "id": "VHN-95243"
      },
      {
        "db": "BID",
        "id": "93411"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005162"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-078"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6423"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-10-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-09465"
      },
      {
        "date": "2016-10-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-95243"
      },
      {
        "date": "2016-10-05T00:00:00",
        "db": "BID",
        "id": "93411"
      },
      {
        "date": "2016-10-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-005162"
      },
      {
        "date": "2016-10-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201610-078"
      },
      {
        "date": "2016-10-05T20:59:10.120000",
        "db": "NVD",
        "id": "CVE-2016-6423"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-10-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-09465"
      },
      {
        "date": "2017-07-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-95243"
      },
      {
        "date": "2016-10-10T07:02:00",
        "db": "BID",
        "id": "93411"
      },
      {
        "date": "2016-10-13T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-005162"
      },
      {
        "date": "2016-10-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201610-078"
      },
      {
        "date": "2024-11-21T02:56:06.120000",
        "db": "NVD",
        "id": "CVE-2016-6423"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-078"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS and  IOS XE of  IKEv2 Service disruption in client and initiator implementations  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-005162"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201610-078"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2016-6423 (GCVE-0-2016-6423)

Vulnerability from cvelistv5

gsd-2016-6423

Vulnerability from gsd

ghsa-f765-58h8-hwq6

Vulnerability from github

cnvd-2016-09465

Vulnerability from cnvd

fkie_cve-2016-6423

Vulnerability from fkie_nvd

CERTFR-2016-AVI-331

Vulnerability from certfr_avis

Solution

var-201610-0274

Vulnerability from variot

Tags

Sightings

Nomenclature