Lucene search

[email protected]CVE-2016-1454

HistoryOct 06, 2016 - 10:59 a.m.

CVE-2016-1454

2016-10-0610:59:03

CWE-20

[email protected]

web.nvd.nist.gov

cve-2016-1454

cisco

nx-os

denial of service

vulnerability

bgp

update

cscuq77105

cscux11417

nvd

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.7%

JSON

Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417.

Affected configurations

NVD

Node

cisconx-osRange<6.0\(2\)u6\(7\)

cisconx-osRange6.1–7.0\(3\)i4\(1\)

AND

cisconexus_3016Match-

cisconexus_3048Match-

cisconexus_31108pc-vMatch-

cisconexus_31108tc-vMatch-

cisconexus_31128pqMatch-

cisconexus_3132qMatch-

cisconexus_3132q-vMatch-

cisconexus_3164qMatch-

cisconexus_3172Match-

cisconexus_3232cMatch-

cisconexus_3264qMatch-

Node

cisconx-osRange<7.1\(4\)n1\(1\)

cisconx-osRange7.2–7.2\(2\)n1\(1\)

cisconx-osRange7.3–7.3\(0\)n1\(1\)

AND

cisco5548pMatch-

cisco5548upMatch-

cisco5596tMatch-

cisco5596upMatch-

cisco56128pMatch-

cisco5624qMatch-

cisco5648qMatch-

cisco5672upMatch-

cisco5672up-16gMatch-

cisco5696qMatch-

cisconexus_6001Match-

cisconexus_6004Match-

Node

cisconx-osRange<5.2

AND

cisconexus_5010Match-

cisconexus_5020Match-

Node

cisconx-osRange<7.2\(2\)d1\(1\)

cisconx-osRange7.3–7.3\(1\)d1\(1\)

AND

cisconexus_7000_10-slotMatch-

cisconexus_7000_18-slotMatch-

cisconexus_7000_4-slotMatch-

cisconexus_7000_9-slotMatch-

cisconexus_7700_10-slotMatch-

cisconexus_7700_18-slotMatch-

cisconexus_7700_2-slotMatch-

cisconexus_7700_6-slotMatch-

Node

cisconx-osRange<5.2\(1\)sv3\(1.15\)

AND

cisconexus_1000v_for_vmware_vsphereMatch-

Node

cisconx-osRange6.1–7.0\(3\)i4\(1\)

cisconx-osRange11.0–11.1\(1j\)

AND

cisconexus_92160yc-xMatch-

cisconexus_92304qcMatch-

cisconexus_9236cMatch-

cisconexus_9272qMatch-

cisconexus_93108tc-exMatch-

cisconexus_93120txMatch-

cisconexus_93128txMatch-

cisconexus_93180yc-exMatch-

cisconexus_9332pqMatch-

cisconexus_9336pq_aci_spineMatch-

cisconexus_9372pxMatch-

cisconexus_9372txMatch-

cisconexus_9396pxMatch-

cisconexus_9396txMatch-

cisconexus_9504Match-

cisconexus_9508Match-

cisconexus_9516Match-

Node

cisconx-osRange<6.0\(2\)a8\(1\)

AND

cisconexus_3524Match-

cisconexus_3548Match-

CPENameOperatorVersion
cisco:nx-oscisco nx-oslt6.0\(2\)u6\(7\)
cisco:nx-oscisco nx-oslt7.0\(3\)i4\(1\)

CPE	Name	Operator	Version
cisco:nx-os	cisco nx-os	lt	6.0\(2\)u6\(7\)
cisco:nx-os	cisco nx-os	lt	7.0\(3\)i4\(1\)

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp

www.securityfocus.com/bid/93417

www.securitytracker.com/id/1036950

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.7%

JSON

Related for CVE-2016-1454

nessus2 prion1 openvas1 nvd1 cvelist1 cisco1 threatpost1