Details of VAR-201611-0173

ID

VAR-201611-0173

CVE

CVE-2016-6466

TITLE

Cisco ASR 5000 Series router StarOS of IPsec Service disruption in components (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-005907

DESCRIPTION

A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the following Cisco products: Cisco ASR 5000/5500 Series routers, Cisco Virtualized Packet Core (VPC). More Information: CSCva13631. Known Affected Releases: 20.0.0 20.1.0 20.2.0 20.2.3 20.2.v1 21.0.0 21.0.M0.64246. Known Fixed Releases: 20.2.3 20.2.3.65026 20.2.a4.65307 20.2.v1 20.2.v1.65353 20.3.M0.65037 20.3.T0.65043 21.0.0 21.0.0.65256 21.0.M0.64595 21.0.M0.64860 21.0.M0.65140 21.0.V0.65052 21.0.V0.65150 21.0.V0.65366 21.0.VC0.64639 21.1.A0.64861 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.64898 21.1.VC0.65203 21.2.A0.65147. A denial of service vulnerability exists in the Cisco ASR5000Series that could allow an attacker to restart a device and deny legitimate users. This issue is being tracked by Cisco Bug ID CSCva13631

Trust: 2.52

sources: NVD: CVE-2016-6466 // JVNDB: JVNDB-2016-005907 // CNVD: CNVD-2016-11332 // BID: 94361 // VULHUB: VHN-95286

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-11332

AFFECTED PRODUCTS

vendor:	cisco	model:	asr 5000 series software	scope:	eq	version:	20.0.0	Trust: 2.4
vendor:	cisco	model:	asr 5000 series software	scope:	eq	version:	20.0.2.3	Trust: 2.4
vendor:	cisco	model:	asr 5000 series software	scope:	eq	version:	20.0.2.v1	Trust: 2.4
vendor:	cisco	model:	virtualized packet core	scope:	eq	version:	20.0_base	Trust: 1.6
vendor:	cisco	model:	virtualized packet core	scope:	eq	version:	20.0 base	Trust: 0.8
vendor:	cisco	model:	asr series	scope:	eq	version:	5000	Trust: 0.6
vendor:	cisco	model:	virtualized packet core	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr series	scope:	eq	version:	55000	Trust: 0.3
vendor:	cisco	model:	asr series	scope:	eq	version:	50000	Trust: 0.3

sources: CNVD: CNVD-2016-11332 // BID: 94361 // JVNDB: JVNDB-2016-005907 // CNNVD: CNNVD-201611-363 // NVD: CVE-2016-6466

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6466
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-6466
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-11332
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201611-363
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-95286
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-6466
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-11332
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-95286
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-6466
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-11332 // VULHUB: VHN-95286 // JVNDB: JVNDB-2016-005907 // CNNVD: CNNVD-201611-363 // NVD: CVE-2016-6466

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-95286 // JVNDB: JVNDB-2016-005907 // NVD: CVE-2016-6466

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201611-363

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201611-363

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005907

PATCH

title:	cisco-sa-20161116-asr	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asr	Trust: 0.8
title:	Patch for Cisco ASR5000Series Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/84102	Trust: 0.6
title:	Cisco ASR 5000 Series routers Remediation measures for denial of service vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65722	Trust: 0.6

sources: CNVD: CNVD-2016-11332 // JVNDB: JVNDB-2016-005907 // CNNVD: CNNVD-201611-363

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6466	Trust: 3.4
db:	BID	id:	94361	Trust: 2.6
db:	SECTRACK	id:	1037308	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-005907	Trust: 0.8
db:	CNNVD	id:	CNNVD-201611-363	Trust: 0.7
db:	CNVD	id:	CNVD-2016-11332	Trust: 0.6
db:	VULHUB	id:	VHN-95286	Trust: 0.1

sources: CNVD: CNVD-2016-11332 // VULHUB: VHN-95286 // BID: 94361 // JVNDB: JVNDB-2016-005907 // CNNVD: CNNVD-201611-363 // NVD: CVE-2016-6466

REFERENCES

url:	http://www.securityfocus.com/bid/94361	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161116-asr	Trust: 2.0
url:	http://www.securitytracker.com/id/1037308	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6466	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6466	Trust: 0.8
url:	http://www.cisco.com/en/us/products/ps11072/	Trust: 0.3
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2016-11332 // VULHUB: VHN-95286 // BID: 94361 // JVNDB: JVNDB-2016-005907 // CNNVD: CNNVD-201611-363 // NVD: CVE-2016-6466

CREDITS

Cisco

Trust: 0.9

sources: BID: 94361 // CNNVD: CNNVD-201611-363

SOURCES

db:	CNVD	id:	CNVD-2016-11332
db:	VULHUB	id:	VHN-95286
db:	BID	id:	94361
db:	JVNDB	id:	JVNDB-2016-005907
db:	CNNVD	id:	CNNVD-201611-363
db:	NVD	id:	CVE-2016-6466

LAST UPDATE DATE

2024-11-23T22:34:47.347000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-11332	date:	2016-11-21T00:00:00
db:	VULHUB	id:	VHN-95286	date:	2017-07-28T00:00:00
db:	BID	id:	94361	date:	2016-11-24T01:11:00
db:	JVNDB	id:	JVNDB-2016-005907	date:	2016-11-22T00:00:00
db:	CNNVD	id:	CNNVD-201611-363	date:	2016-11-18T00:00:00
db:	NVD	id:	CVE-2016-6466	date:	2024-11-21T02:56:11.263

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-11332	date:	2016-11-21T00:00:00
db:	VULHUB	id:	VHN-95286	date:	2016-11-19T00:00:00
db:	BID	id:	94361	date:	2016-11-16T00:00:00
db:	JVNDB	id:	JVNDB-2016-005907	date:	2016-11-22T00:00:00
db:	CNNVD	id:	CNNVD-201611-363	date:	2016-11-18T00:00:00
db:	NVD	id:	CVE-2016-6466	date:	2016-11-19T03:03:08.150