Details of VAR-201609-0354

ID

VAR-201609-0354

CVE

CVE-2016-6376

TITLE

Cisco Wireless LAN Controller Device Adaptive wIPS Service disruption in functionality (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-004516

DESCRIPTION

The Adaptive Wireless Intrusion Prevention System (wIPS) feature on Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device restart) via a malformed wIPS packet, aka Bug ID CSCuz40263. Vendors have confirmed this vulnerability Bug ID CSCuz40263 It is released as.Malformed by a third party wIPS Service disruption via packets ( Reboot device ) There is a possibility of being put into a state. The Cisco Wireless LAN Controller is a Cisco Wireless LAN Controller. Cisco Wireless LANController has a denial of service vulnerability that allows an attacker to initiate a denial of service attack. Attackers can exploit this issue to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCuz40263

Trust: 2.52

sources: NVD: CVE-2016-6376 // JVNDB: JVNDB-2016-004516 // CNVD: CNVD-2016-07077 // BID: 92716 // VULHUB: VHN-95196

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-07077

AFFECTED PRODUCTS

vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.0.121.0	Trust: 2.5
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.0.120.0	Trust: 2.5
vendor:	cisco	model:	wireless lan controller 7.0	scope:	eq	version:	250.0	Trust: 1.6
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.1.104.37	Trust: 1.6
vendor:	cisco	model:	wireless lan controller 7.2	scope:	eq	version:	103.0	Trust: 1.6
vendor:	cisco	model:	wireless lan controller 7.4	scope:	eq	version:	1.19	Trust: 1.6
vendor:	cisco	model:	wireless lan controller 7.0	scope:	eq	version:	252.0	Trust: 1.6
vendor:	cisco	model:	wireless lan controller 7.0	scope:	eq	version:	220.0	Trust: 1.6
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.4_base	Trust: 1.6
vendor:	cisco	model:	wireless lan controller 7.1	scope:	eq	version:	91.0	Trust: 1.6
vendor:	cisco	model:	wireless lan controller 7.4	scope:	eq	version:	1.54	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.1.181.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller 6.0	scope:	eq	version:	196.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.0.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.2.117.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.6.110.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.0.0.30220.385	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.6.120.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller 7.0	scope:	eq	version:	98.218	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	3.2.150.10	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.6.130.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.2.61.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	5.0.148.2	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.3.101.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.3_base	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.0.179.8	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.2.112.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	5.2.169.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.5_base	Trust: 1.0
vendor:	cisco	model:	wireless lan controller 6.0	scope:	eq	version:	199.4	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.4.100	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	3.2.150.6	Trust: 1.0
vendor:	cisco	model:	wireless lan controller 7.0	scope:	eq	version:	98.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.2.173.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	5.2.157.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.0.155.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.1_base	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.1.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller 7.0	scope:	eq	version:	116.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	3.6.0e	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	5.1.152.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	3.0_base	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.0_base	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	3.1.105.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.2_base	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.4.100.60	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.5.102.11	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.2.182.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	3.1.59.24	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.0.217.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.2.99.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.3.112	Trust: 1.0
vendor:	cisco	model:	wireless lan controller 6.0	scope:	eq	version:	202.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	5.1.151.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.0.219.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.4.1.1	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	3.2.193.5	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.0.100	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.0.179.11	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.1.171.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	3.1.111.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.6.1.62	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.1.185.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.3.103.8	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.4.121.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	6.0_base	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.1.111.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.1.122.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	3.2.78.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.4.110.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller 6.0	scope:	eq	version:	182.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.2.130.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.2.174.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.0.206.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	3.2.185.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	3.2.195.10	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.0.72.140	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	3.2.171.5	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.6.100.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	3.2.116.21	Trust: 1.0
vendor:	cisco	model:	wireless lan controller 7.0	scope:	eq	version:	240.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.0.108	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	3.2.171.6	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	5.1.160.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller 6.0	scope:	eq	version:	188.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.1_base	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	5.0.148.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.0.155.5	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.0.196	Trust: 1.0
vendor:	cisco	model:	wireless lan controller 7.4	scope:	eq	version:	140.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.1.130.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.5.102.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.0.115.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	7.2_base	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	4.2.176.0	Trust: 1.0
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.3	Trust: 0.9
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.2	Trust: 0.9
vendor:	cisco	model:	wireless lan controller	scope:	eq	version:	8.0.100.0	Trust: 0.9
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.3.102.0	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.2.121.0	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	lt	version:	8.3.x	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	lt	version:	8.2.x	Trust: 0.8
vendor:	cisco	model:	wireless lan controller software	scope:	eq	version:	8.1.x	Trust: 0.8
vendor:	cisco	model:	wireless lan controller	scope:	ne	version:	8.0.140	Trust: 0.3
vendor:	cisco	model:	wireless lan controller	scope:	ne	version:	8.3.102.0	Trust: 0.3
vendor:	cisco	model:	wireless lan controller	scope:	ne	version:	8.2.121.0	Trust: 0.3

sources: CNVD: CNVD-2016-07077 // BID: 92716 // JVNDB: JVNDB-2016-004516 // CNNVD: CNNVD-201608-546 // NVD: CVE-2016-6376

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6376
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-6376
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2016-07077
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201608-546
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-95196
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-6376
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-07077
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-95196
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-6376
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-07077 // VULHUB: VHN-95196 // JVNDB: JVNDB-2016-004516 // CNNVD: CNNVD-201608-546 // NVD: CVE-2016-6376

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-95196 // JVNDB: JVNDB-2016-004516 // NVD: CVE-2016-6376

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201608-546

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201608-546

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004516

PATCH

title:	cisco-sa-20160831-wlc-2	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-wlc-2	Trust: 0.8
title:	Patch for Cisco WirelessLANController Denial of Service Vulnerability (CNVD-2016-07077)	url:	https://www.cnvd.org.cn/patchInfo/show/81011	Trust: 0.6
title:	Cisco Wireless LAN Controller Adaptive Wireless Intrusion Prevention System Remediation measures for denial of service vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63839	Trust: 0.6

sources: CNVD: CNVD-2016-07077 // JVNDB: JVNDB-2016-004516 // CNNVD: CNNVD-201608-546

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6376	Trust: 3.4
db:	BID	id:	92716	Trust: 2.6
db:	SECTRACK	id:	1036720	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-004516	Trust: 0.8
db:	CNNVD	id:	CNNVD-201608-546	Trust: 0.7
db:	CNVD	id:	CNVD-2016-07077	Trust: 0.6
db:	NSFOCUS	id:	34714	Trust: 0.6
db:	VULHUB	id:	VHN-95196	Trust: 0.1

sources: CNVD: CNVD-2016-07077 // VULHUB: VHN-95196 // BID: 92716 // JVNDB: JVNDB-2016-004516 // CNNVD: CNNVD-201608-546 // NVD: CVE-2016-6376

REFERENCES

url:	http://www.securityfocus.com/bid/92716	Trust: 2.3
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160831-wlc-2	Trust: 2.0
url:	http://www.securitytracker.com/id/1036720	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6376	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6376	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/34714	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3
url:	http://www.cisco.com/en/us/products/ps6302/products_sub_category_home.html	Trust: 0.3

sources: CNVD: CNVD-2016-07077 // VULHUB: VHN-95196 // BID: 92716 // JVNDB: JVNDB-2016-004516 // CNNVD: CNNVD-201608-546 // NVD: CVE-2016-6376

CREDITS

Cisco

Trust: 0.9

sources: BID: 92716 // CNNVD: CNNVD-201608-546

SOURCES

db:	CNVD	id:	CNVD-2016-07077
db:	VULHUB	id:	VHN-95196
db:	BID	id:	92716
db:	JVNDB	id:	JVNDB-2016-004516
db:	CNNVD	id:	CNNVD-201608-546
db:	NVD	id:	CVE-2016-6376

LAST UPDATE DATE

2024-11-23T22:01:24.198000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-07077	date:	2016-09-02T00:00:00
db:	VULHUB	id:	VHN-95196	date:	2016-11-28T00:00:00
db:	BID	id:	92716	date:	2016-08-31T00:00:00
db:	JVNDB	id:	JVNDB-2016-004516	date:	2016-09-05T00:00:00
db:	CNNVD	id:	CNNVD-201608-546	date:	2016-09-02T00:00:00
db:	NVD	id:	CVE-2016-6376	date:	2024-11-21T02:56:00.600

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-07077	date:	2016-09-02T00:00:00
db:	VULHUB	id:	VHN-95196	date:	2016-09-02T00:00:00
db:	BID	id:	92716	date:	2016-08-31T00:00:00
db:	JVNDB	id:	JVNDB-2016-004516	date:	2016-09-05T00:00:00
db:	CNNVD	id:	CNNVD-201608-546	date:	2016-08-31T00:00:00
db:	NVD	id:	CVE-2016-6376	date:	2016-09-02T00:59:04.420