Lucene search

CiscoCISCO-SA-20160804-WEDGE

HistoryAug 04, 2016 - 4:00 p.m.

Cisco IOS and IOS XE Software Crafted Network Time Protocol Packets Denial of Service Vulnerability

2016-08-0416:00:00

tools.cisco.com

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.006

Percentile

77.8%

JSON

A vulnerability in the processing of Network Time Protocol (NTP) packets by Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device.

The vulnerability is due to insufficient checks on clearing the invalid NTP packets from the interface queue. An attacker could exploit this vulnerability by sending a number of crafted NTP packets to be processed by an affected device. An exploit could allow the attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability; however, there is a mitigation for this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160804-wedge [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160804-wedge”]

Affected configurations

Vulners

Node

ciscoiosMatch15.2e

ciscoiosMatch15.5s

ciscoiosMatch15.6s

ciscoiosMatch15.6t

ciscocisco_ios_xe_softwareMatch3.16s

ciscocisco_ios_xe_softwareMatch3.17s

ciscocisco_ios_xe_softwareMatch16.3

ciscocisco_ios_xe_softwareMatch3.18s

ciscocisco_ios_xe_softwareMatch3.10e

ciscoiosMatch15.2\(6\)e1a

ciscoiosMatch15.5\(3\)s3

ciscoiosMatch15.6\(2\)s1

ciscoiosMatch15.6\(1\)s2

ciscoiosMatch15.6\(2\)t1

ciscocisco_ios_xe_softwareMatch3.16.3s

ciscocisco_ios_xe_softwareMatch3.16.3as

ciscocisco_ios_xe_softwareMatch3.17.2s

ciscocisco_ios_xe_softwareMatch16.3.1

ciscocisco_ios_xe_softwareMatch3.18.1s

ciscocisco_ios_xe_softwareMatch3.10.1ae

VendorProductVersionCPE
ciscoios15.2ecpe:2.3:o:cisco:ios:15.2e:*:*:*:*:*:*:*
ciscoios15.5scpe:2.3:o:cisco:ios:15.5s:*:*:*:*:*:*:*
ciscoios15.6scpe:2.3:o:cisco:ios:15.6s:*:*:*:*:*:*:*
ciscoios15.6tcpe:2.3:o:cisco:ios:15.6t:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.16scpe:2.3:a:cisco:cisco_ios_xe_software:3.16s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.17scpe:2.3:a:cisco:cisco_ios_xe_software:3.17s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software16.3cpe:2.3:a:cisco:cisco_ios_xe_software:16.3:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.18scpe:2.3:a:cisco:cisco_ios_xe_software:3.18s:*:*:*:*:*:*:*
ciscocisco_ios_xe_software3.10ecpe:2.3:a:cisco:cisco_ios_xe_software:3.10e:*:*:*:*:*:*:*
ciscoios15.2(6)e1acpe:2.3:o:cisco:ios:15.2\(6\)e1a:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	15.2e	cpe:2.3:o:cisco:ios:15.2e:::::::*
cisco	ios	15.5s	cpe:2.3:o:cisco:ios:15.5s:::::::*
cisco	ios	15.6s	cpe:2.3:o:cisco:ios:15.6s:::::::*
cisco	ios	15.6t	cpe:2.3:o:cisco:ios:15.6t:::::::*
cisco	cisco_ios_xe_software	3.16s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.16s:::::::*
cisco	cisco_ios_xe_software	3.17s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.17s:::::::*
cisco	cisco_ios_xe_software	16.3	cpe:2.3:a:cisco:cisco_ios_xe_software:16.3:::::::*
cisco	cisco_ios_xe_software	3.18s	cpe:2.3:a:cisco:cisco_ios_xe_software:3.18s:::::::*
cisco	cisco_ios_xe_software	3.10e	cpe:2.3:a:cisco:cisco_ios_xe_software:3.10e:::::::*
cisco	ios	15.2(6)e1a	cpe:2.3:o:cisco:ios:15.2\(6\)e1a:::::::*

Rows per page:

1-10 of 201

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160804-wedge

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.006

Percentile

77.8%

JSON

Related for CISCO-SA-20160804-WEDGE