Details of VAR-201610-0301

ID

VAR-201610-0301

CVE

CVE-2016-6386

TITLE

Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2016-08384 // CNNVD: CNNVD-201609-641

DESCRIPTION

Cisco IOS XE 3.1 through 3.17 and 16.1 on 64-bit platforms allows remote attackers to cause a denial of service (data-structure corruption and device reload) via fragmented IPv4 packets, aka Bug ID CSCux66005. Cisco IOSXESoftware is an operating system developed by Cisco Systems for its network devices. A denial of service vulnerability exists in the IPFragmentReassembly feature in Cisco IOSXESoftware. A remote attacker could exploit the vulnerability by sending a specially crafted IPv4 segmentation packet, causing the device to be overloaded, resulting in a denial of service. Cisco IOS XE Software is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to restart, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCux66005

Trust: 2.52

sources: NVD: CVE-2016-6386 // JVNDB: JVNDB-2016-005154 // CNVD: CNVD-2016-08384 // BID: 93202 // VULHUB: VHN-95206

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-08384

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.0e	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.1s	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.5s	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.5s	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.1as	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.5se	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.0s	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.0s	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.3s	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.0ex	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.3e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.6s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.3sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.0sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.0se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.4as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.0cs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1.4as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.2e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.2sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.2ae	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.4s	Trust: 1.0
vendor:	cisco	model:	ios xe 3.3xo	scope:	eq	version:	3.3.1xo	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.3e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.0as	Trust: 1.0
vendor:	cisco	model:	ios xe 3.3xo	scope:	eq	version:	3.3.0xo	Trust: 1.0
vendor:	cisco	model:	ios xe 3.4sg	scope:	eq	version:	3.4.3sg	Trust: 1.0
vendor:	cisco	model:	ios xe 3.3sg	scope:	eq	version:	3.3.2sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.2as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.3s	Trust: 1.0
vendor:	cisco	model:	ios xe 3.3sg	scope:	eq	version:	3.3.0sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1.3as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.1sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.3se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.3e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.2ts	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.1xbs	Trust: 1.0
vendor:	cisco	model:	ios xe 16.1	scope:	eq	version:	16.1.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.2se	Trust: 1.0
vendor:	cisco	model:	ios xe 3.4sg	scope:	eq	version:	3.4.7sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.2e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.4e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.4se	Trust: 1.0
vendor:	cisco	model:	ios xe 3.4sg	scope:	eq	version:	3.4.6sg	Trust: 1.0
vendor:	cisco	model:	ios xe 3.3xo	scope:	eq	version:	3.3.2xo	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1.0sg	Trust: 1.0
vendor:	cisco	model:	ios xe 3.4sg	scope:	eq	version:	3.4.5sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.0sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.0sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.2se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.2s	Trust: 1.0
vendor:	cisco	model:	ios xe 3.4sg	scope:	eq	version:	3.4.1sg	Trust: 1.0
vendor:	cisco	model:	ios xe 3.2ja	scope:	eq	version:	3.2.0ja	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.2e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.1as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.6s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1.1sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.0e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.1e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.1cs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.0se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.1se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.1e	Trust: 1.0
vendor:	cisco	model:	ios xe 3.3sg	scope:	eq	version:	3.3.1sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.5s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.2s	Trust: 1.0
vendor:	cisco	model:	ios xe 3.4sg	scope:	eq	version:	3.4.0sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.1sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.1se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.7s	Trust: 1.0
vendor:	cisco	model:	ios xe 3.4sg	scope:	eq	version:	3.4.2sg	Trust: 1.0
vendor:	cisco	model:	ios xe 3.4sg	scope:	eq	version:	3.4.4sg	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.6s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.1sq	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.3se	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.1	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1 to 3.17	Trust: 0.8
vendor:	cisco	model:	cbr-8 converged broadband routers	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	asr series aggregation services routers with route processor or route processor	scope:	eq	version:	100023	Trust: 0.6
vendor:	cisco	model:	asr series aggregation services routers	scope:	eq	version:	900	Trust: 0.6
vendor:	cisco	model:	series integrated services routers	scope:	eq	version:	4000	Trust: 0.6
vendor:	cisco	model:	ios xe 3.2sg	scope:	eq	version:	3.2.0sg	Trust: 0.6
vendor:	cisco	model:	ios xe software	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2016-08384 // BID: 93202 // JVNDB: JVNDB-2016-005154 // CNNVD: CNNVD-201609-641 // NVD: CVE-2016-6386

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6386
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-6386
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-08384
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201609-641
value:	HIGH
Trust: 0.6
VULHUB:	VHN-95206
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-6386
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-08384
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-95206
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-6386
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-08384 // VULHUB: VHN-95206 // JVNDB: JVNDB-2016-005154 // CNNVD: CNNVD-201609-641 // NVD: CVE-2016-6386

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-95206 // JVNDB: JVNDB-2016-005154 // NVD: CVE-2016-6386

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-641

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201609-641

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005154

PATCH

title:	cisco-sa-20160928-frag	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-frag	Trust: 0.8
title:	CiscoIOSXESoftwareIPFragmentReassembly Denial of Service Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/82013	Trust: 0.6
title:	Cisco IOS XE Software IP Fragment Reassembly Remediation measures for denial of service vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64411	Trust: 0.6

sources: CNVD: CNVD-2016-08384 // JVNDB: JVNDB-2016-005154 // CNNVD: CNNVD-201609-641

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6386	Trust: 3.4
db:	BID	id:	93202	Trust: 2.6
db:	SECTRACK	id:	1036914	Trust: 1.7
db:	JVNDB	id:	JVNDB-2016-005154	Trust: 0.8
db:	CNNVD	id:	CNNVD-201609-641	Trust: 0.7
db:	CNVD	id:	CNVD-2016-08384	Trust: 0.6
db:	VULHUB	id:	VHN-95206	Trust: 0.1

sources: CNVD: CNVD-2016-08384 // VULHUB: VHN-95206 // BID: 93202 // JVNDB: JVNDB-2016-005154 // CNNVD: CNNVD-201609-641 // NVD: CVE-2016-6386

REFERENCES

url:	http://www.securityfocus.com/bid/93202	Trust: 2.3
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160928-frag	Trust: 2.0
url:	http://www.securitytracker.com/id/1036914	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6386	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6386	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	http://www.cisco.com/c/en/us/products/ios-nx-os-software/ios-xe/index.html	Trust: 0.3

sources: CNVD: CNVD-2016-08384 // VULHUB: VHN-95206 // BID: 93202 // JVNDB: JVNDB-2016-005154 // CNNVD: CNNVD-201609-641 // NVD: CVE-2016-6386

CREDITS

Cisco

Trust: 0.9

sources: BID: 93202 // CNNVD: CNNVD-201609-641

SOURCES

db:	CNVD	id:	CNVD-2016-08384
db:	VULHUB	id:	VHN-95206
db:	BID	id:	93202
db:	JVNDB	id:	JVNDB-2016-005154
db:	CNNVD	id:	CNNVD-201609-641
db:	NVD	id:	CVE-2016-6386

LAST UPDATE DATE

2024-11-23T20:05:01.444000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-08384	date:	2016-10-08T00:00:00
db:	VULHUB	id:	VHN-95206	date:	2020-09-29T00:00:00
db:	BID	id:	93202	date:	2016-10-03T00:01:00
db:	JVNDB	id:	JVNDB-2016-005154	date:	2016-10-13T00:00:00
db:	CNNVD	id:	CNNVD-201609-641	date:	2020-09-30T00:00:00
db:	NVD	id:	CVE-2016-6386	date:	2024-11-21T02:56:02.117

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-08384	date:	2016-10-08T00:00:00
db:	VULHUB	id:	VHN-95206	date:	2016-10-05T00:00:00
db:	BID	id:	93202	date:	2016-09-28T00:00:00
db:	JVNDB	id:	JVNDB-2016-005154	date:	2016-10-13T00:00:00
db:	CNNVD	id:	CNNVD-201609-641	date:	2016-09-29T00:00:00
db:	NVD	id:	CVE-2016-6386	date:	2016-10-05T17:59:03.807