Details of VAR-201610-0300

ID

VAR-201610-0300

CVE

CVE-2016-6385

TITLE

Cisco IOS and IOS XE of Smart Install Service disruption in client implementation (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-005153

DESCRIPTION

Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367. ( Memory consumption ) There are vulnerabilities that are put into a state. Both Cisco IOS and IOSXESoftware are operating systems developed by Cisco for its network devices. SmartInstallclient is one of the clients that provides configuration and image management capabilities. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCuy82367. Cisco IOS and IOS XE Software are vulnerable

Trust: 2.52

sources: NVD: CVE-2016-6385 // JVNDB: JVNDB-2016-005153 // CNVD: CNVD-2016-08388 // BID: 93203 // VULHUB: VHN-95205

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-08388

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(46\)ey	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2a\)e1	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(50\)se4	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2a\)ex5	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)ex3	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)se10	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)se7	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ex1	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.1se	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.1e	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)se4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(58\)se1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(52\)se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(53\)se1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(35\)se3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ey3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(2\)sg	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(58\)ey2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(35\)se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(40\)se2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(1\)ey2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(54\)se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.1xo	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ez	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.0xo	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ex10	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.2e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.2ae	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(1\)se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)se9	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.3e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.1e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)ey	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)se7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(1\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(37\)ey	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)se3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(2\)sg7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.3e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.5se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ex2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(44\)ex	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(53\)se2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(50\)se1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(37\)ex	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.2e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ey2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.2e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)ex1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(40\)se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.4e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ed	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(60\)ez6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.0e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(53\)ex	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(58\)ex	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(1\)ex	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(60\)ez1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(1\)e3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)eh	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)eb2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)se3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)se1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(58\)ey1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.2e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(53\)se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ed1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.0ja	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(2\)sg2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.0e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(52\)se1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)ez	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(40\)se1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(52\)ex1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(44\)se6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.5e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.1se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ej1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(1\)se3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(2\)sg6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(2\)sg5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(40\)ex	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(44\)se3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(44\)se2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3\)e1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(44\)se4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(46\)se1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(58\)ey	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(35\)se1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(52\)ex	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(2\)sg1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(1\)se1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(35\)se5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(35\)ex1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(1\)se2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(35\)se2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)se4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.3se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)se8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)se9	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(37\)se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ec	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ey1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.3e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ex8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2a\)se9	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(40\)ex2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(53\)ez	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.0se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(60\)ez4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(60\)ez3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(50\)se5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(44\)se5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(44\)ey	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(46\)se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)se6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(60\)ez2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(1\)ey	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ey	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)ex	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)se1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(2\)sg4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)eb	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(60\)ez5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(50\)se3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.3se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(37\)se1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(53\)ey	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ej	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3m\)e3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)ex2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(35\)ex2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.2xo	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(44\)se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ek1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.1\(2\)sg3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.2se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(44\)se1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4m\)e1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)eb1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.4se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3m\)e2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(50\)se2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)se2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(35\)se4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(40\)ex1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(1\)e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ex3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(1\)e1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(58\)se2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.0e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)eb	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(50\)se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.2se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ex4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(40\)ex3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(60\)ez7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(60\)ez8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ex	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(46\)ex	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(1\)ey	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ex5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.1e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(58\)ez	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(60\)ez	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(1\)ey1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.0se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(44\)ex1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(4\)e1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.1e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(3a\)e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)se5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)se5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(58\)se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)se	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(35\)ex	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(46\)se2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)se2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.0\(2\)ek	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.2\(2\)e	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2\(55\)se6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.2	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	15.0 to 15.2	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2 to 3.8	Trust: 0.8
vendor:	cisco	model:	ios	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe software	scope:	-	version:	-	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley stratix modular managed ethernet switches 15.2 ea3	scope:	eq	version:	8000	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix industrial managed ethernet switches 15.2 ea3	scope:	eq	version:	5700	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix industrial distribution switches 15.2 ea3	scope:	eq	version:	5410	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix industrial ethernet switches 15.2 ea3	scope:	eq	version:	5400	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley armorstratix industrial managed ethernet swit 15.2 ea3	scope:	eq	version:	5700	Trust: 0.3
vendor:	cisco	model:	ios xe software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios software	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2016-08388 // BID: 93203 // JVNDB: JVNDB-2016-005153 // CNNVD: CNNVD-201609-644 // NVD: CVE-2016-6385

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6385
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-6385
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-08388
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201609-644
value:	HIGH
Trust: 0.6
VULHUB:	VHN-95205
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-6385
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-08388
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-95205
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-6385
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-08388 // VULHUB: VHN-95205 // JVNDB: JVNDB-2016-005153 // CNNVD: CNNVD-201609-644 // NVD: CVE-2016-6385

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-95205 // JVNDB: JVNDB-2016-005153 // NVD: CVE-2016-6385

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-644

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201609-644

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005153

PATCH

title:	cisco-sa-20160928-smi	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-smi	Trust: 0.8
title:	Patch for CiscoIOSandIOSXESoftware Denial of Service Vulnerability (CNVD-2016-08388)	url:	https://www.cnvd.org.cn/patchInfo/show/82011	Trust: 0.6
title:	Cisco IOS and IOS XE Software Smart Install Repair measures for client memory leak vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64414	Trust: 0.6

sources: CNVD: CNVD-2016-08388 // JVNDB: JVNDB-2016-005153 // CNNVD: CNNVD-201609-644

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6385	Trust: 3.4
db:	BID	id:	93203	Trust: 2.6
db:	ICS CERT	id:	ICSA-16-287-04	Trust: 2.2
db:	SECTRACK	id:	1036914	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-005153	Trust: 0.8
db:	CNNVD	id:	CNNVD-201609-644	Trust: 0.7
db:	CNVD	id:	CNVD-2016-08388	Trust: 0.6
db:	VULHUB	id:	VHN-95205	Trust: 0.1

sources: CNVD: CNVD-2016-08388 // VULHUB: VHN-95205 // BID: 93203 // JVNDB: JVNDB-2016-005153 // CNNVD: CNNVD-201609-644 // NVD: CVE-2016-6385

REFERENCES

url:	http://www.securityfocus.com/bid/93203	Trust: 2.3
url:	https://ics-cert.us-cert.gov/advisories/icsa-16-287-04	Trust: 2.2
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160928-smi	Trust: 2.0
url:	http://www.securitytracker.com/id/1036914	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6385	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6385	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html	Trust: 0.3

sources: CNVD: CNVD-2016-08388 // VULHUB: VHN-95205 // BID: 93203 // JVNDB: JVNDB-2016-005153 // CNNVD: CNNVD-201609-644 // NVD: CVE-2016-6385

CREDITS

Cisco.

Trust: 0.9

sources: BID: 93203 // CNNVD: CNNVD-201609-644

SOURCES

db:	CNVD	id:	CNVD-2016-08388
db:	VULHUB	id:	VHN-95205
db:	BID	id:	93203
db:	JVNDB	id:	JVNDB-2016-005153
db:	CNNVD	id:	CNNVD-201609-644
db:	NVD	id:	CVE-2016-6385

LAST UPDATE DATE

2024-11-23T20:19:12.804000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-08388	date:	2016-10-08T00:00:00
db:	VULHUB	id:	VHN-95205	date:	2017-07-30T00:00:00
db:	BID	id:	93203	date:	2016-10-26T04:10:00
db:	JVNDB	id:	JVNDB-2016-005153	date:	2016-11-10T00:00:00
db:	CNNVD	id:	CNNVD-201609-644	date:	2016-10-11T00:00:00
db:	NVD	id:	CVE-2016-6385	date:	2024-11-21T02:56:01.980

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-08388	date:	2016-10-08T00:00:00
db:	VULHUB	id:	VHN-95205	date:	2016-10-05T00:00:00
db:	BID	id:	93203	date:	2016-09-28T00:00:00
db:	JVNDB	id:	JVNDB-2016-005153	date:	2016-10-13T00:00:00
db:	CNNVD	id:	CNNVD-201609-644	date:	2016-09-29T00:00:00
db:	NVD	id:	CVE-2016-6385	date:	2016-10-05T20:59:05.477