Details of VAR-201610-0302

ID

VAR-201610-0302

CVE

CVE-2016-6378

TITLE

Cisco IOS XE Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-005147

DESCRIPTION

Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote attackers to cause a denial of service (device reload) via crafted ICMP packets that require NAT, aka Bug ID CSCuw85853. Cisco IOSXE is an operating system developed by Cisco Systems for its network devices. NetworkAddressTranslation (NAT) is one of the network address translation functions. A denial of service vulnerability exists in the implementation of the NAT feature in Cisco IOSXESoftware. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCuw85853

Trust: 2.61

sources: NVD: CVE-2016-6378 // JVNDB: JVNDB-2016-005147 // CNVD: CNVD-2016-08390 // BID: 93200 // VULHUB: VHN-95198 // VULMON: CVE-2016-6378

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-08390

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.2s	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.2s	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.0bs	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.1as	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.1s	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.0s	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.6s	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.0s	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.2s	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.2as	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.1.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.1as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.4as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.0cs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1.4as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.2ts	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.2ts	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.8.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.5s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.16.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.5s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.1.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.7s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.6s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.3.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.2.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.11.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.9.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.1cs	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.5s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.4.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.15.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.10.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.13.0as	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1.4s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.2.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.7.6s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.17.0s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.14.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.5.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.6.2s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.12.3s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.1 to 16.2	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	eq	version:	3.1 to 3.17	Trust: 0.8
vendor:	cisco	model:	ios xe software	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ios xe software	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2016-08390 // BID: 93200 // JVNDB: JVNDB-2016-005147 // CNNVD: CNNVD-201609-643 // NVD: CVE-2016-6378

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6378
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-6378
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-08390
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201609-643
value:	HIGH
Trust: 0.6
VULHUB:	VHN-95198
value:	HIGH
Trust: 0.1
VULMON:	CVE-2016-6378
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-6378
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2016-08390
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-95198
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-6378
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-08390 // VULHUB: VHN-95198 // VULMON: CVE-2016-6378 // JVNDB: JVNDB-2016-005147 // CNNVD: CNNVD-201609-643 // NVD: CVE-2016-6378

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-95198 // JVNDB: JVNDB-2016-005147 // NVD: CVE-2016-6378

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-643

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201609-643

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005147

PATCH

title:	cisco-sa-20160928-esp-nat	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-esp-nat	Trust: 0.8
title:	Patch for Cisco IOSXESoftware Denial of Service Vulnerability (CNVD-2016-08390)	url:	https://www.cnvd.org.cn/patchInfo/show/82019	Trust: 0.6
title:	Cisco IOS XE Software Network Address Translation Remediation measures for denial of service vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64413	Trust: 0.6
title:	Cisco: Cisco IOS XE Software NAT Denial of Service Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20160928-esp-nat	Trust: 0.1

sources: CNVD: CNVD-2016-08390 // VULMON: CVE-2016-6378 // JVNDB: JVNDB-2016-005147 // CNNVD: CNNVD-201609-643

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6378	Trust: 3.5
db:	BID	id:	93200	Trust: 2.7
db:	SECTRACK	id:	1036914	Trust: 1.2
db:	JVNDB	id:	JVNDB-2016-005147	Trust: 0.8
db:	CNNVD	id:	CNNVD-201609-643	Trust: 0.7
db:	CNVD	id:	CNVD-2016-08390	Trust: 0.6
db:	VULHUB	id:	VHN-95198	Trust: 0.1
db:	VULMON	id:	CVE-2016-6378	Trust: 0.1

sources: CNVD: CNVD-2016-08390 // VULHUB: VHN-95198 // VULMON: CVE-2016-6378 // BID: 93200 // JVNDB: JVNDB-2016-005147 // CNNVD: CNNVD-201609-643 // NVD: CVE-2016-6378

REFERENCES

url:	http://www.securityfocus.com/bid/93200	Trust: 2.5
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160928-esp-nat	Trust: 2.2
url:	http://www.securitytracker.com/id/1036914	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6378	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6378	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/399.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2016-08390 // VULHUB: VHN-95198 // VULMON: CVE-2016-6378 // BID: 93200 // JVNDB: JVNDB-2016-005147 // CNNVD: CNNVD-201609-643 // NVD: CVE-2016-6378

CREDITS

Cisco.

Trust: 0.9

sources: BID: 93200 // CNNVD: CNNVD-201609-643

SOURCES

db:	CNVD	id:	CNVD-2016-08390
db:	VULHUB	id:	VHN-95198
db:	VULMON	id:	CVE-2016-6378
db:	BID	id:	93200
db:	JVNDB	id:	JVNDB-2016-005147
db:	CNNVD	id:	CNNVD-201609-643
db:	NVD	id:	CVE-2016-6378

LAST UPDATE DATE

2024-11-23T19:25:42.844000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-08390	date:	2016-10-08T00:00:00
db:	VULHUB	id:	VHN-95198	date:	2017-07-30T00:00:00
db:	VULMON	id:	CVE-2016-6378	date:	2017-07-30T00:00:00
db:	BID	id:	93200	date:	2016-10-03T09:01:00
db:	JVNDB	id:	JVNDB-2016-005147	date:	2016-10-13T00:00:00
db:	CNNVD	id:	CNNVD-201609-643	date:	2016-10-11T00:00:00
db:	NVD	id:	CVE-2016-6378	date:	2024-11-21T02:56:00.840

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-08390	date:	2016-10-08T00:00:00
db:	VULHUB	id:	VHN-95198	date:	2016-10-05T00:00:00
db:	VULMON	id:	CVE-2016-6378	date:	2016-10-05T00:00:00
db:	BID	id:	93200	date:	2016-09-28T00:00:00
db:	JVNDB	id:	JVNDB-2016-005147	date:	2016-10-13T00:00:00
db:	CNNVD	id:	CNNVD-201609-643	date:	2016-09-29T00:00:00
db:	NVD	id:	CVE-2016-6378	date:	2016-10-05T20:59:01.960