Sign-up

ID

VAR-201602-0063


CVE

CVE-2016-1330


TITLE

Cisco Industrial Ethernet 2000 Run on device Cisco IOS Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-001471

DESCRIPTION

Cisco IOS 15.2(4)E on Industrial Ethernet 2000 devices allows remote attackers to cause a denial of service (device reload) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuy27746. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches

Trust: 2.34

sources: NVD: CVE-2016-1330 // JVNDB: JVNDB-2016-001471 // CNVD: CNVD-2016-01126 // VULHUB: VHN-90149 // VULMON: CVE-2016-1330

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-01126

AFFECTED PRODUCTS

vendor:zzincmodel:keymousescope:eqversion:3.08

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2(4)e (cisco industrial ethernet 2000 series )

Trust: 0.8

vendor:ciscomodel:ios software 15.2 escope: - version: -

Trust: 0.6

vendor:ciscomodel:industrial ethernet series switchesscope:eqversion:2000

Trust: 0.6

vendor:ciscomodel:iosscope:eqversion:15.2\\\(4\\\)e

Trust: 0.6

sources: CNVD: CNVD-2016-01126 // JVNDB: JVNDB-2016-001471 // CNNVD: CNNVD-201602-294 // NVD: CVE-2016-1330

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-1330
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-1330
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2016-01126
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201602-294
value: MEDIUM

Trust: 0.6

VULHUB: VHN-90149
value: MEDIUM

Trust: 0.1

VULMON: CVE-2016-1330
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-1330
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2016-01126
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-90149
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-1330
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.0

sources: CNVD: CNVD-2016-01126 // VULHUB: VHN-90149 // VULMON: CVE-2016-1330 // JVNDB: JVNDB-2016-001471 // CNNVD: CNNVD-201602-294 // NVD: CVE-2016-1330

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-90149 // JVNDB: JVNDB-2016-001471 // NVD: CVE-2016-1330

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201602-294

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201602-294

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-001471

PATCH
title:cisco-sa-20160215-ie2000url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160215-ie2000
Trust: 0.8
title:Patch for Cisco IOS Denial of Service Vulnerability (CNVD-2016-01126)url:https://www.cnvd.org.cn/patchInfo/show/71524
Trust: 0.6
title:Cisco: Cisco IOS Software for Cisco Industrial Ethernet 2000 Series Switches Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20160215-ie2000
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-01126 // 
            
            
            
            VULMON: CVE-2016-1330 // 
            
            
            
            JVNDB: JVNDB-2016-001471

EXTERNAL IDS
db:NVDid:CVE-2016-1330
Trust: 3.2
db:SECTRACKid:1035013
Trust: 1.2
db:JVNDBid:JVNDB-2016-001471
Trust: 0.8
db:CNVDid:CNVD-2016-01126
Trust: 0.6
db:NSFOCUSid:32462
Trust: 0.6
db:CNNVDid:CNNVD-201602-294
Trust: 0.6
db:VULHUBid:VHN-90149
Trust: 0.1
db:BIDid:83258
Trust: 0.1
db:VULMONid:CVE-2016-1330
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-01126 // 
            
            
            
            VULHUB: VHN-90149 // 
            
            
            
            VULMON: CVE-2016-1330 // 
            
            
            
            JVNDB: JVNDB-2016-001471 // 
            
            
            
            CNNVD: CNNVD-201602-294 // 
            
            
            
            NVD: CVE-2016-1330

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160215-ie2000
Trust: 2.5
url:http://www.securitytracker.com/id/1035013
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1330
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1330
Trust: 0.8
url:http://www.nsfocus.net/vulndb/32462
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/399.html
Trust: 0.1
url:https://www.securityfocus.com/bid/83258
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-01126 // 
            
            
            
            VULHUB: VHN-90149 // 
            
            
            
            VULMON: CVE-2016-1330 // 
            
            
            
            JVNDB: JVNDB-2016-001471 // 
            
            
            
            CNNVD: CNNVD-201602-294 // 
            
            
            
            NVD: CVE-2016-1330

SOURCES
db:CNVDid:CNVD-2016-01126
db:VULHUBid:VHN-90149
db:VULMONid:CVE-2016-1330
db:JVNDBid:JVNDB-2016-001471
db:CNNVDid:CNNVD-201602-294
db:NVDid:CVE-2016-1330

LAST UPDATE DATE
2024-11-23T21:43:22.697000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-01126date:2016-02-18T00:00:00
db:VULHUBid:VHN-90149date:2016-12-06T00:00:00
db:VULMONid:CVE-2016-1330date:2016-12-06T00:00:00
db:JVNDBid:JVNDB-2016-001471date:2016-02-23T00:00:00
db:CNNVDid:CNNVD-201602-294date:2016-02-16T00:00:00
db:NVDid:CVE-2016-1330date:2024-11-21T02:46:12.007

SOURCES RELEASE DATE
db:CNVDid:CNVD-2016-01126date:2016-02-18T00:00:00
db:VULHUBid:VHN-90149date:2016-02-15T00:00:00
db:VULMONid:CVE-2016-1330date:2016-02-15T00:00:00
db:JVNDBid:JVNDB-2016-001471date:2016-02-23T00:00:00
db:CNNVDid:CNNVD-201602-294date:2016-02-16T00:00:00
db:NVDid:CVE-2016-1330date:2016-02-15T23:59:03.083