CVE-2016-1454

CVSS v3 6.5 MEDIUM
CVSS v2.0 7.1 HIGH

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

7.1^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability : 8.6 / Impact : 6.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

isco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417.

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp	Vendor Advisory
http://www.securityfocus.com/bid/93417	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1036950	Third Party Advisory VDB Entry
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp	Vendor Advisory
http://www.securityfocus.com/bid/93417	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1036950	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os::::::::

OR	cpe:2.3:h:cisco:nexus_3016:-:::::::*
	cpe:2.3:h:cisco:nexus_3048:-:::::::*
	cpe:2.3:h:cisco:nexus_31108pc-v:-:::::::*
	cpe:2.3:h:cisco:nexus_31108tc-v:-:::::::*
	cpe:2.3:h:cisco:nexus_31128pq:-:::::::*
	cpe:2.3:h:cisco:nexus_3132q:-:::::::*
	cpe:2.3:h:cisco:nexus_3132q-v:-:::::::*
	cpe:2.3:h:cisco:nexus_3164q:-:::::::*
	cpe:2.3:h:cisco:nexus_3172:-:::::::*
	cpe:2.3:h:cisco:nexus_3232c:-:::::::*
	cpe:2.3:h:cisco:nexus_3264q:-:::::::*

Configuration 2 (hide)

AND

OR	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os::::::::

OR	cpe:2.3:h:cisco:5548p:-:::::::*
	cpe:2.3:h:cisco:5548up:-:::::::*
	cpe:2.3:h:cisco:5596t:-:::::::*
	cpe:2.3:h:cisco:5596up:-:::::::*
	cpe:2.3:h:cisco:56128p:-:::::::*
	cpe:2.3:h:cisco:5624q:-:::::::*
	cpe:2.3:h:cisco:5648q:-:::::::*
	cpe:2.3:h:cisco:5672up:-:::::::*
	cpe:2.3:h:cisco:5672up-16g:-:::::::*
	cpe:2.3:h:cisco:5696q:-:::::::*
	cpe:2.3:h:cisco:nexus_6001:-:::::::*
	cpe:2.3:h:cisco:nexus_6004:-:::::::*

Configuration 3 (hide)

AND

cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:nexus_5010:-:::::::*
	cpe:2.3:h:cisco:nexus_5020:-:::::::*

Configuration 4 (hide)

AND

OR	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os::::::::

OR	cpe:2.3:h:cisco:nexus_7000_10-slot:-:::::::*
	cpe:2.3:h:cisco:nexus_7000_18-slot:-:::::::*
	cpe:2.3:h:cisco:nexus_7000_4-slot:-:::::::*
	cpe:2.3:h:cisco:nexus_7000_9-slot:-:::::::*
	cpe:2.3:h:cisco:nexus_7700_10-slot:-:::::::*
	cpe:2.3:h:cisco:nexus_7700_18-slot:-:::::::*
	cpe:2.3:h:cisco:nexus_7700_2-slot:-:::::::*
	cpe:2.3:h:cisco:nexus_7700_6-slot:-:::::::*

Configuration 5 (hide)

AND

cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:nexus_1000v_for_vmware_vsphere:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

OR	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os::::::::

OR	cpe:2.3:h:cisco:nexus_92160yc-x:-:::::::*
	cpe:2.3:h:cisco:nexus_92304qc:-:::::::*
	cpe:2.3:h:cisco:nexus_9236c:-:::::::*
	cpe:2.3:h:cisco:nexus_9272q:-:::::::*
	cpe:2.3:h:cisco:nexus_93108tc-ex:-:::::::*
	cpe:2.3:h:cisco:nexus_93120tx:-:::::::*
	cpe:2.3:h:cisco:nexus_93128tx:-:::::::*
	cpe:2.3:h:cisco:nexus_93180yc-ex:-:::::::*
	cpe:2.3:h:cisco:nexus_9332pq:-:::::::*
	cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:::::::*
	cpe:2.3:h:cisco:nexus_9372px:-:::::::*
	cpe:2.3:h:cisco:nexus_9372tx:-:::::::*
	cpe:2.3:h:cisco:nexus_9396px:-:::::::*
	cpe:2.3:h:cisco:nexus_9396tx:-:::::::*
	cpe:2.3:h:cisco:nexus_9504:-:::::::*
	cpe:2.3:h:cisco:nexus_9508:-:::::::*
	cpe:2.3:h:cisco:nexus_9516:-:::::::*

Configuration 7 (hide)

AND

cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:nexus_3524:-:::::::*
	cpe:2.3:h:cisco:nexus_3548:-:::::::*

History

21 Nov 2024, 02:46

Type	Values Removed	Values Added
References	~~() http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp - Vendor Advisory~~	() http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp - Vendor Advisory
References	~~() http://www.securityfocus.com/bid/93417 - Third Party Advisory, VDB Entry~~	() http://www.securityfocus.com/bid/93417 - Third Party Advisory, VDB Entry
References	~~() http://www.securitytracker.com/id/1036950 - Third Party Advisory, VDB Entry~~	() http://www.securitytracker.com/id/1036950 - Third Party Advisory, VDB Entry

Information

Published : 2016-10-06 10:59

Updated : 2025-04-12 10:46

NVD link : CVE-2016-1454

Mitre link : CVE-2016-1454

CVE.ORG link : CVE-2016-1454

JSON object : View

Products Affected

cisco

CWE

CWE-20

Improper Input Validation

6.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

7.1 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2016-1454

6.5^/10

7.1^/10

Attach tags to `CVE-2016-1454`