Details of VAR-201607-0420

ID

VAR-201607-0420

CVE

CVE-2016-1426

TITLE

Cisco NCS 6000 Run on device IOS XR Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-003777

DESCRIPTION

Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service (timer consumption and Route Processor reload) via crafted SSH traffic, aka Bug ID CSCux76819. The Cisco IOSXRonNCS6000 is a set of operating systems running on 6000 series routers from Cisco. A denial of service vulnerability exists in Cisco IOSXR 5.x through 5.2.5 on the NCS6000 device due to a program failing to properly manage system timer resources. A remote attacker could exploit the vulnerability by sending a large number of SecureShell (SSH) connections to cause a denial of service (timer consumption and RouteProcessor overloading). Cisco IOS XR is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to reload the affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCux76819. Cisco IOS XR for Cisco Network Convergence System 6000 (NCS 6000) is vulnerable

Trust: 2.52

sources: NVD: CVE-2016-1426 // JVNDB: JVNDB-2016-003777 // CNVD: CNVD-2016-05059 // BID: 91748 // VULHUB: VHN-90245

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-05059

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.2	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.1.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.1.1.k9sec	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.5	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.4	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.1.2	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.0_base	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.1.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.0.1	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.1.3	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.0.0	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.3	Trust: 1.0
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.5 for up to 5.x	Trust: 0.8
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.*<=5.2.5	Trust: 0.6
vendor:	cisco	model:	network convergence system 6000	scope:	eq	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xr for cisco network convergence system	scope:	eq	version:	60000	Trust: 0.3

sources: CNVD: CNVD-2016-05059 // BID: 91748 // JVNDB: JVNDB-2016-003777 // CNNVD: CNNVD-201607-425 // NVD: CVE-2016-1426

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-1426
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-1426
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-05059
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201607-425
value:	HIGH
Trust: 0.6
VULHUB:	VHN-90245
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-1426
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-05059
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-90245
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-1426
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-05059 // VULHUB: VHN-90245 // JVNDB: JVNDB-2016-003777 // CNNVD: CNNVD-201607-425 // NVD: CVE-2016-1426

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-90245 // JVNDB: JVNDB-2016-003777 // NVD: CVE-2016-1426

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201607-425

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201607-425

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-003777

PATCH

title:	cisco-sa-20160713-ncs6k	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-ncs6k	Trust: 0.8
title:	Cisco IOSXR for Cisco Network ConvergenceSystem Denial of Service Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/79341	Trust: 0.6
title:	Cisco IOS XR for Cisco Network Convergence System 6000 Remediation measures for remote denial of service vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62967	Trust: 0.6

sources: CNVD: CNVD-2016-05059 // JVNDB: JVNDB-2016-003777 // CNNVD: CNNVD-201607-425

EXTERNAL IDS

db:	NVD	id:	CVE-2016-1426	Trust: 3.4
db:	BID	id:	91748	Trust: 2.6
db:	SECTRACK	id:	1036295	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-003777	Trust: 0.8
db:	CNNVD	id:	CNNVD-201607-425	Trust: 0.7
db:	CNVD	id:	CNVD-2016-05059	Trust: 0.6
db:	VULHUB	id:	VHN-90245	Trust: 0.1

sources: CNVD: CNVD-2016-05059 // VULHUB: VHN-90245 // BID: 91748 // JVNDB: JVNDB-2016-003777 // CNNVD: CNNVD-201607-425 // NVD: CVE-2016-1426

REFERENCES

url:	http://www.securityfocus.com/bid/91748	Trust: 2.3
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160713-ncs6k	Trust: 2.0
url:	http://www.securitytracker.com/id/1036295	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1426	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1426	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2016-05059 // VULHUB: VHN-90245 // BID: 91748 // JVNDB: JVNDB-2016-003777 // CNNVD: CNNVD-201607-425 // NVD: CVE-2016-1426

CREDITS

Cisco

Trust: 0.9

sources: BID: 91748 // CNNVD: CNNVD-201607-425

SOURCES

db:	CNVD	id:	CNVD-2016-05059
db:	VULHUB	id:	VHN-90245
db:	BID	id:	91748
db:	JVNDB	id:	JVNDB-2016-003777
db:	CNNVD	id:	CNNVD-201607-425
db:	NVD	id:	CVE-2016-1426

LAST UPDATE DATE

2024-11-23T22:56:21.628000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-05059	date:	2016-07-21T00:00:00
db:	VULHUB	id:	VHN-90245	date:	2017-09-01T00:00:00
db:	BID	id:	91748	date:	2016-07-13T00:00:00
db:	JVNDB	id:	JVNDB-2016-003777	date:	2016-07-21T00:00:00
db:	CNNVD	id:	CNNVD-201607-425	date:	2016-07-18T00:00:00
db:	NVD	id:	CVE-2016-1426	date:	2024-11-21T02:46:25.337

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-05059	date:	2016-07-21T00:00:00
db:	VULHUB	id:	VHN-90245	date:	2016-07-15T00:00:00
db:	BID	id:	91748	date:	2016-07-13T00:00:00
db:	JVNDB	id:	JVNDB-2016-003777	date:	2016-07-21T00:00:00
db:	CNNVD	id:	CNNVD-201607-425	date:	2016-07-15T00:00:00
db:	NVD	id:	CVE-2016-1426	date:	2016-07-15T16:59:00.157