Details of VAR-201605-0413

ID

VAR-201605-0413

CVE

CVE-2016-1407

TITLE

Cisco IOS XR for Cisco ASR 9000 Series Aggregation Services Routers Denial of Service Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2016-03405 // CNNVD: CNNVD-201605-545

DESCRIPTION

Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576. Cisco IOSXR for Cisco ASR9000 Series Aggregation Services Routers is an operating system running on 9000 Series routers. Cisco IOS XR is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition; denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCux95576

Trust: 2.52

sources: NVD: CVE-2016-1407 // JVNDB: JVNDB-2016-002929 // CNVD: CNVD-2016-03405 // BID: 90776 // VULHUB: VHN-90226

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-03405

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xr	scope:	eq	version:	4.1.2	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.0.2	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.1.0	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.0.0	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.8.2	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.1.1	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.1_base	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.2.0	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.0.3	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.8.3	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.2.50	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.1.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.1.1.k9sec	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.2.4	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.7_base	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.4.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.8.4	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.4.2	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.3.2	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.8.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.3.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.2	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.4.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.3.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.5.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.6.2	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.2.3	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.4.3	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.3.3	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.1.3	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.0.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.3.2	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.3.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.3.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.7.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.5	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.3.2	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.6.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.3.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.0_base	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.0.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.2.6	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.0.4	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.2.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.7.2	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.0.11	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.4	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.0.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.5.3	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.5.4	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.3.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.3.4	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.9.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.0.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.7.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.3.3	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.8.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.3.4	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.6.3	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.2.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.6.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.7.3	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	2.0.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.0.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.2.2	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.3	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.2.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.5.2	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.6_base	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.1.2	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.9.3	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.9.2	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.0_base	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	3.9.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.2.2	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.2.4	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	4.2.3	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	lte	version:	5.3.2	Trust: 0.8
vendor:	cisco	model:	ios xr lpts	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2016-03405 // JVNDB: JVNDB-2016-002929 // CNNVD: CNNVD-201605-545 // NVD: CVE-2016-1407

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-1407
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-1407
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-03405
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201605-545
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-90226
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-1407
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-03405
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-90226
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-1407
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-03405 // VULHUB: VHN-90226 // JVNDB: JVNDB-2016-002929 // CNNVD: CNNVD-201605-545 // NVD: CVE-2016-1407

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-90226 // JVNDB: JVNDB-2016-002929 // NVD: CVE-2016-1407

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201605-545

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201605-545

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-002929

PATCH

title:	cisco-sa-20160519-ios-xr	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr	Trust: 0.8
title:	Cisco IOSXR for Cisco ASR9000 Series AggregationServicesRouters Denial of Service Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/76258	Trust: 0.6
title:	Cisco IOS XR for Cisco ASR 9000 Series Aggregation Services Routers Remediation measures for denial of service vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61859	Trust: 0.6

sources: CNVD: CNVD-2016-03405 // JVNDB: JVNDB-2016-002929 // CNNVD: CNNVD-201605-545

EXTERNAL IDS

db:	NVD	id:	CVE-2016-1407	Trust: 3.4
db:	SECTRACK	id:	1035934	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-002929	Trust: 0.8
db:	CNNVD	id:	CNNVD-201605-545	Trust: 0.7
db:	CNVD	id:	CNVD-2016-03405	Trust: 0.6
db:	BID	id:	90776	Trust: 0.4
db:	VULHUB	id:	VHN-90226	Trust: 0.1

sources: CNVD: CNVD-2016-03405 // VULHUB: VHN-90226 // BID: 90776 // JVNDB: JVNDB-2016-002929 // CNNVD: CNNVD-201605-545 // NVD: CVE-2016-1407

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160519-ios-xr	Trust: 2.3
url:	http://www.securitytracker.com/id/1035934	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1407	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1407	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	http://www.cisco.com/en/us/products/ps5845/index.html	Trust: 0.3

sources: CNVD: CNVD-2016-03405 // VULHUB: VHN-90226 // BID: 90776 // JVNDB: JVNDB-2016-002929 // CNNVD: CNNVD-201605-545 // NVD: CVE-2016-1407

CREDITS

Cisco

Trust: 0.3

sources: BID: 90776

SOURCES

db:	CNVD	id:	CNVD-2016-03405
db:	VULHUB	id:	VHN-90226
db:	BID	id:	90776
db:	JVNDB	id:	JVNDB-2016-002929
db:	CNNVD	id:	CNNVD-201605-545
db:	NVD	id:	CVE-2016-1407

LAST UPDATE DATE

2024-11-23T22:30:58.936000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-03405	date:	2016-05-23T00:00:00
db:	VULHUB	id:	VHN-90226	date:	2016-12-01T00:00:00
db:	BID	id:	90776	date:	2016-05-19T00:00:00
db:	JVNDB	id:	JVNDB-2016-002929	date:	2016-06-06T00:00:00
db:	CNNVD	id:	CNNVD-201605-545	date:	2016-05-25T00:00:00
db:	NVD	id:	CVE-2016-1407	date:	2024-11-21T02:46:23.070

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-03405	date:	2016-05-23T00:00:00
db:	VULHUB	id:	VHN-90226	date:	2016-05-25T00:00:00
db:	BID	id:	90776	date:	2016-05-19T00:00:00
db:	JVNDB	id:	JVNDB-2016-002929	date:	2016-05-27T00:00:00
db:	CNNVD	id:	CNNVD-201605-545	date:	2016-05-20T00:00:00
db:	NVD	id:	CVE-2016-1407	date:	2016-05-25T01:59:10.773