Cisco IOS IKEv1 Fragmentation DoS (cisco-sa-20160928-ios-ikev1)
2016-11-14T00:00:00
ID CISCO-SA-20160928-IKEV1-IOS.NASL Type nessus Reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2021-02-02T00:00:00
Description
According to its self-reported version and configuration, the Cisco
IOS software running on the remote device is affected by a denial of
service vulnerability in the Internet Key Exchange version 1 (IKEv1)
subsystem due to improper handling of fragmented IKEv1 packets. An
unauthenticated, remote attacker can exploit this issue, via specially
crafted IKEv1 packets, to cause the device to reload.
#TRUSTED 65e0fb5b6a28bf44ba74f58bd90b9490d4e732890eaed29c826b320ceabdf9f91d372e491326ee85574f61599034242cd5eb8eea2ecafa2a52d499e6eaf2c6db30fa3b54ba22538e33f675968348649ce458b7e8b278410a6760925ecdcf991386eb724d2ac9408a2084d2a6894d400e56a47f9d76bb674ded00eb331721f84f229ab1d96a3fbb7fc11f119caafd4ad053f07ae769e253ab5ea50ad6ca8e6b1343abcb42f3380a9d5b82e684d59884854a0152a0adae374f0ee595ac8add0560f5022d4029110cdf7c712679216c00a1ff7746ef7a48418f76f3440cc528d57987e300a64e94937bfc074dff285cf62fe81f04126c7272ed137c9e097233b601f2c7288de4259c38f1ab3be1e95261a680f0e2e07b3b1577b374f91cae64ccdc218ded3ed251be16c974b925957d28b6d7477762c0fdef6fcd220888457d32015e99ac12622725d0a98109f2036be175fc8e0cccdceac6e8d7588d8c0635f50d5aa32eb8d5a38dddd855a4560b623bc7ce31b20d8cc1f466ec3009a297ec361f12f68be723af776d0a6f425cb6ddeb91b8c1a3e9e3e57cb0e544e3e6cda9c1dd319f43ac71ba5842cdcaa5d7c1d502de6f4b20258b08c4772b85a4d9e7b66422d744fac69247ebc48cdada35b9384cf7c21681ca02044727ae03c59cc9d9e95608595ad2b3f9cdd3cba4812256dfed9ab7d7ad3f4fb6b7631756ec5e8d7d4acc
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(94762);
script_version("1.9");
script_cvs_date("Date: 2019/11/14");
script_cve_id("CVE-2016-6381");
script_bugtraq_id(93195);
script_xref(name:"CISCO-BUG-ID", value:"CSCuy47382");
script_xref(name:"CISCO-SA", value:"cisco-sa-20160928-ios-ikev1");
script_name(english:"Cisco IOS IKEv1 Fragmentation DoS (cisco-sa-20160928-ios-ikev1)");
script_summary(english:"Checks the IOS version.");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version and configuration, the Cisco
IOS software running on the remote device is affected by a denial of
service vulnerability in the Internet Key Exchange version 1 (IKEv1)
subsystem due to improper handling of fragmented IKEv1 packets. An
unauthenticated, remote attacker can exploit this issue, via specially
crafted IKEv1 packets, to cause the device to reload.");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?30c88959");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID
CSCuy47382. Alternatively, as a workaround, IKEv2 fragmentation can be
disabled by using the 'no crypto isakmp fragmentation' command.
However, if IKEv1 fragmentation is needed, there is no workaround that
addresses this vulnerability.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2016/09/28");
script_set_attribute(attribute:"patch_publication_date", value:"2016/09/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/14");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_ios_version.nasl");
script_require_keys("Host/Cisco/IOS/Version");
exit(0);
}
include("audit.inc");
include("cisco_func.inc");
include("cisco_kb_cmd_func.inc");
flag = 0;
override = 0;
cmds = make_list();
ver = get_kb_item_or_exit("Host/Cisco/IOS/Version");
# Check for vuln version
if ( ver == "12.4(15)T10" ) flag++;
else if ( ver == "12.4(15)T11" ) flag++;
else if ( ver == "12.4(15)T12" ) flag++;
else if ( ver == "12.4(15)T13" ) flag++;
else if ( ver == "12.4(15)T13b" ) flag++;
else if ( ver == "12.4(15)T14" ) flag++;
else if ( ver == "12.4(15)T15" ) flag++;
else if ( ver == "12.4(15)T16" ) flag++;
else if ( ver == "12.4(15)T17" ) flag++;
else if ( ver == "12.4(15)T7" ) flag++;
else if ( ver == "12.4(15)T8" ) flag++;
else if ( ver == "12.4(15)T9" ) flag++;
else if ( ver == "12.4(15)XL4" ) flag++;
else if ( ver == "12.4(15)XL5" ) flag++;
else if ( ver == "12.4(20)MR" ) flag++;
else if ( ver == "12.4(20)MR2" ) flag++;
else if ( ver == "12.4(20)MRB" ) flag++;
else if ( ver == "12.4(20)MRB1" ) flag++;
else if ( ver == "12.4(20)T1" ) flag++;
else if ( ver == "12.4(20)T2" ) flag++;
else if ( ver == "12.4(20)T3" ) flag++;
else if ( ver == "12.4(20)T4" ) flag++;
else if ( ver == "12.4(20)T5" ) flag++;
else if ( ver == "12.4(20)T5a" ) flag++;
else if ( ver == "12.4(20)T6" ) flag++;
else if ( ver == "12.4(22)GC1" ) flag++;
else if ( ver == "12.4(22)GC1a" ) flag++;
else if ( ver == "12.4(22)MD" ) flag++;
else if ( ver == "12.4(22)MD1" ) flag++;
else if ( ver == "12.4(22)MD2" ) flag++;
else if ( ver == "12.4(22)MDA" ) flag++;
else if ( ver == "12.4(22)MDA1" ) flag++;
else if ( ver == "12.4(22)MDA2" ) flag++;
else if ( ver == "12.4(22)MDA3" ) flag++;
else if ( ver == "12.4(22)MDA4" ) flag++;
else if ( ver == "12.4(22)MDA5" ) flag++;
else if ( ver == "12.4(22)MDA6" ) flag++;
else if ( ver == "12.4(22)T" ) flag++;
else if ( ver == "12.4(22)T1" ) flag++;
else if ( ver == "12.4(22)T2" ) flag++;
else if ( ver == "12.4(22)T3" ) flag++;
else if ( ver == "12.4(22)T4" ) flag++;
else if ( ver == "12.4(22)T5" ) flag++;
else if ( ver == "12.4(22)XR1" ) flag++;
else if ( ver == "12.4(22)XR10" ) flag++;
else if ( ver == "12.4(22)XR11" ) flag++;
else if ( ver == "12.4(22)XR12" ) flag++;
else if ( ver == "12.4(22)XR2" ) flag++;
else if ( ver == "12.4(22)XR3" ) flag++;
else if ( ver == "12.4(22)XR4" ) flag++;
else if ( ver == "12.4(22)XR5" ) flag++;
else if ( ver == "12.4(22)XR6" ) flag++;
else if ( ver == "12.4(22)XR7" ) flag++;
else if ( ver == "12.4(22)XR8" ) flag++;
else if ( ver == "12.4(22)XR9" ) flag++;
else if ( ver == "12.4(22)YB" ) flag++;
else if ( ver == "12.4(22)YB1" ) flag++;
else if ( ver == "12.4(22)YB2" ) flag++;
else if ( ver == "12.4(22)YB3" ) flag++;
else if ( ver == "12.4(22)YB4" ) flag++;
else if ( ver == "12.4(22)YB5" ) flag++;
else if ( ver == "12.4(22)YB6" ) flag++;
else if ( ver == "12.4(22)YB7" ) flag++;
else if ( ver == "12.4(22)YB8" ) flag++;
else if ( ver == "12.4(22)YD" ) flag++;
else if ( ver == "12.4(22)YD1" ) flag++;
else if ( ver == "12.4(22)YD2" ) flag++;
else if ( ver == "12.4(22)YD3" ) flag++;
else if ( ver == "12.4(22)YD4" ) flag++;
else if ( ver == "12.4(22)YE" ) flag++;
else if ( ver == "12.4(22)YE1" ) flag++;
else if ( ver == "12.4(22)YE2" ) flag++;
else if ( ver == "12.4(22)YE3" ) flag++;
else if ( ver == "12.4(22)YE4" ) flag++;
else if ( ver == "12.4(22)YE5" ) flag++;
else if ( ver == "12.4(22)YE6" ) flag++;
else if ( ver == "12.4(24)GC1" ) flag++;
else if ( ver == "12.4(24)GC3" ) flag++;
else if ( ver == "12.4(24)GC3a" ) flag++;
else if ( ver == "12.4(24)GC4" ) flag++;
else if ( ver == "12.4(24)GC5" ) flag++;
else if ( ver == "12.4(24)MD" ) flag++;
else if ( ver == "12.4(24)MD1" ) flag++;
else if ( ver == "12.4(24)MD2" ) flag++;
else if ( ver == "12.4(24)MD3" ) flag++;
else if ( ver == "12.4(24)MD4" ) flag++;
else if ( ver == "12.4(24)MD5" ) flag++;
else if ( ver == "12.4(24)MD6" ) flag++;
else if ( ver == "12.4(24)MD7" ) flag++;
else if ( ver == "12.4(24)MDA" ) flag++;
else if ( ver == "12.4(24)MDA1" ) flag++;
else if ( ver == "12.4(24)MDA10" ) flag++;
else if ( ver == "12.4(24)MDA11" ) flag++;
else if ( ver == "12.4(24)MDA12" ) flag++;
else if ( ver == "12.4(24)MDA13" ) flag++;
else if ( ver == "12.4(24)MDA2" ) flag++;
else if ( ver == "12.4(24)MDA3" ) flag++;
else if ( ver == "12.4(24)MDA4" ) flag++;
else if ( ver == "12.4(24)MDA5" ) flag++;
else if ( ver == "12.4(24)MDA6" ) flag++;
else if ( ver == "12.4(24)MDA7" ) flag++;
else if ( ver == "12.4(24)MDA8" ) flag++;
else if ( ver == "12.4(24)MDA9" ) flag++;
else if ( ver == "12.4(24)MDB" ) flag++;
else if ( ver == "12.4(24)MDB1" ) flag++;
else if ( ver == "12.4(24)MDB10" ) flag++;
else if ( ver == "12.4(24)MDB11" ) flag++;
else if ( ver == "12.4(24)MDB12" ) flag++;
else if ( ver == "12.4(24)MDB13" ) flag++;
else if ( ver == "12.4(24)MDB14" ) flag++;
else if ( ver == "12.4(24)MDB15" ) flag++;
else if ( ver == "12.4(24)MDB16" ) flag++;
else if ( ver == "12.4(24)MDB17" ) flag++;
else if ( ver == "12.4(24)MDB18" ) flag++;
else if ( ver == "12.4(24)MDB19" ) flag++;
else if ( ver == "12.4(24)MDB3" ) flag++;
else if ( ver == "12.4(24)MDB4" ) flag++;
else if ( ver == "12.4(24)MDB5" ) flag++;
else if ( ver == "12.4(24)MDB5a" ) flag++;
else if ( ver == "12.4(24)MDB6" ) flag++;
else if ( ver == "12.4(24)MDB7" ) flag++;
else if ( ver == "12.4(24)MDB8" ) flag++;
else if ( ver == "12.4(24)MDB9" ) flag++;
else if ( ver == "12.4(24)T" ) flag++;
else if ( ver == "12.4(24)T1" ) flag++;
else if ( ver == "12.4(24)T10" ) flag++;
else if ( ver == "12.4(24)T11" ) flag++;
else if ( ver == "12.4(24)T12" ) flag++;
else if ( ver == "12.4(24)T2" ) flag++;
else if ( ver == "12.4(24)T3" ) flag++;
else if ( ver == "12.4(24)T3e" ) flag++;
else if ( ver == "12.4(24)T3f" ) flag++;
else if ( ver == "12.4(24)T4" ) flag++;
else if ( ver == "12.4(24)T4a" ) flag++;
else if ( ver == "12.4(24)T4b" ) flag++;
else if ( ver == "12.4(24)T4c" ) flag++;
else if ( ver == "12.4(24)T4d" ) flag++;
else if ( ver == "12.4(24)T4e" ) flag++;
else if ( ver == "12.4(24)T4f" ) flag++;
else if ( ver == "12.4(24)T4g" ) flag++;
else if ( ver == "12.4(24)T4h" ) flag++;
else if ( ver == "12.4(24)T4i" ) flag++;
else if ( ver == "12.4(24)T4j" ) flag++;
else if ( ver == "12.4(24)T4k" ) flag++;
else if ( ver == "12.4(24)T4l" ) flag++;
else if ( ver == "12.4(24)T4m" ) flag++;
else if ( ver == "12.4(24)T4n" ) flag++;
else if ( ver == "12.4(24)T4o" ) flag++;
else if ( ver == "12.4(24)T5" ) flag++;
else if ( ver == "12.4(24)T6" ) flag++;
else if ( ver == "12.4(24)T7" ) flag++;
else if ( ver == "12.4(24)T8" ) flag++;
else if ( ver == "12.4(24)T9" ) flag++;
else if ( ver == "12.4(24)YE" ) flag++;
else if ( ver == "12.4(24)YE1" ) flag++;
else if ( ver == "12.4(24)YE2" ) flag++;
else if ( ver == "12.4(24)YE3" ) flag++;
else if ( ver == "12.4(24)YE3a" ) flag++;
else if ( ver == "12.4(24)YE3b" ) flag++;
else if ( ver == "12.4(24)YE3c" ) flag++;
else if ( ver == "12.4(24)YE3d" ) flag++;
else if ( ver == "12.4(24)YE3e" ) flag++;
else if ( ver == "12.4(24)YE4" ) flag++;
else if ( ver == "12.4(24)YE5" ) flag++;
else if ( ver == "12.4(24)YE6" ) flag++;
else if ( ver == "12.4(24)YE7" ) flag++;
else if ( ver == "12.4(24)YG1" ) flag++;
else if ( ver == "12.4(24)YG2" ) flag++;
else if ( ver == "12.4(24)YG3" ) flag++;
else if ( ver == "12.4(24)YG4" ) flag++;
else if ( ver == "12.4(24)YS" ) flag++;
else if ( ver == "12.4(24)YS1" ) flag++;
else if ( ver == "12.4(24)YS10" ) flag++;
else if ( ver == "12.4(24)YS2" ) flag++;
else if ( ver == "12.4(24)YS3" ) flag++;
else if ( ver == "12.4(24)YS4" ) flag++;
else if ( ver == "12.4(24)YS5" ) flag++;
else if ( ver == "12.4(24)YS6" ) flag++;
else if ( ver == "12.4(24)YS7" ) flag++;
else if ( ver == "12.4(24)YS8" ) flag++;
else if ( ver == "12.4(24)YS8a" ) flag++;
else if ( ver == "12.4(24)YS9" ) flag++;
else if ( ver == "15.0(1)M" ) flag++;
else if ( ver == "15.0(1)M1" ) flag++;
else if ( ver == "15.0(1)M10" ) flag++;
else if ( ver == "15.0(1)M2" ) flag++;
else if ( ver == "15.0(1)M3" ) flag++;
else if ( ver == "15.0(1)M4" ) flag++;
else if ( ver == "15.0(1)M5" ) flag++;
else if ( ver == "15.0(1)M6" ) flag++;
else if ( ver == "15.0(1)M6a" ) flag++;
else if ( ver == "15.0(1)M7" ) flag++;
else if ( ver == "15.0(1)M8" ) flag++;
else if ( ver == "15.0(1)M9" ) flag++;
else if ( ver == "15.0(1)MR" ) flag++;
else if ( ver == "15.0(1)S" ) flag++;
else if ( ver == "15.0(1)S1" ) flag++;
else if ( ver == "15.0(1)S2" ) flag++;
else if ( ver == "15.0(1)S3a" ) flag++;
else if ( ver == "15.0(1)S4" ) flag++;
else if ( ver == "15.0(1)S4a" ) flag++;
else if ( ver == "15.0(1)S5" ) flag++;
else if ( ver == "15.0(1)S6" ) flag++;
else if ( ver == "15.0(1)XA" ) flag++;
else if ( ver == "15.0(1)XA1" ) flag++;
else if ( ver == "15.0(1)XA2" ) flag++;
else if ( ver == "15.0(1)XA3" ) flag++;
else if ( ver == "15.0(1)XA4" ) flag++;
else if ( ver == "15.0(1)XA5" ) flag++;
else if ( ver == "15.0(2a)EX5" ) flag++;
else if ( ver == "15.0(2a)SE9" ) flag++;
else if ( ver == "15.0(2)EB" ) flag++;
else if ( ver == "15.0(2)EC" ) flag++;
else if ( ver == "15.0(2)ED" ) flag++;
else if ( ver == "15.0(2)ED1" ) flag++;
else if ( ver == "15.0(2)EH" ) flag++;
else if ( ver == "15.0(2)EJ" ) flag++;
else if ( ver == "15.0(2)EJ1" ) flag++;
else if ( ver == "15.0(2)EK" ) flag++;
else if ( ver == "15.0(2)EK1" ) flag++;
else if ( ver == "15.0(2)EX" ) flag++;
else if ( ver == "15.0(2)EX1" ) flag++;
else if ( ver == "15.0(2)EX10" ) flag++;
else if ( ver == "15.0(2)EX2" ) flag++;
else if ( ver == "15.0(2)EX3" ) flag++;
else if ( ver == "15.0(2)EX4" ) flag++;
else if ( ver == "15.0(2)EX5" ) flag++;
else if ( ver == "15.0(2)EX6" ) flag++;
else if ( ver == "15.0(2)EX7" ) flag++;
else if ( ver == "15.0(2)EX8" ) flag++;
else if ( ver == "15.0(2)EY" ) flag++;
else if ( ver == "15.0(2)EY1" ) flag++;
else if ( ver == "15.0(2)EY2" ) flag++;
else if ( ver == "15.0(2)EY3" ) flag++;
else if ( ver == "15.0(2)EZ" ) flag++;
else if ( ver == "15.0(2)MR" ) flag++;
else if ( ver == "15.0(2)SE" ) flag++;
else if ( ver == "15.0(2)SE1" ) flag++;
else if ( ver == "15.0(2)SE2" ) flag++;
else if ( ver == "15.0(2)SE3" ) flag++;
else if ( ver == "15.0(2)SE4" ) flag++;
else if ( ver == "15.0(2)SE5" ) flag++;
else if ( ver == "15.0(2)SE6" ) flag++;
else if ( ver == "15.0(2)SE7" ) flag++;
else if ( ver == "15.0(2)SE9" ) flag++;
else if ( ver == "15.1(1)MR" ) flag++;
else if ( ver == "15.1(1)MR1" ) flag++;
else if ( ver == "15.1(1)MR2" ) flag++;
else if ( ver == "15.1(1)MR3" ) flag++;
else if ( ver == "15.1(1)MR4" ) flag++;
else if ( ver == "15.1(1)MR5" ) flag++;
else if ( ver == "15.1(1)MR6" ) flag++;
else if ( ver == "15.1(1)S" ) flag++;
else if ( ver == "15.1(1)S1" ) flag++;
else if ( ver == "15.1(1)S2" ) flag++;
else if ( ver == "15.1(1)SA" ) flag++;
else if ( ver == "15.1(1)SA1" ) flag++;
else if ( ver == "15.1(1)SA2" ) flag++;
else if ( ver == "15.1(1)SG" ) flag++;
else if ( ver == "15.1(1)SG1" ) flag++;
else if ( ver == "15.1(1)SG2" ) flag++;
else if ( ver == "15.1(1)SY" ) flag++;
else if ( ver == "15.1(1)SY1" ) flag++;
else if ( ver == "15.1(1)SY2" ) flag++;
else if ( ver == "15.1(1)SY3" ) flag++;
else if ( ver == "15.1(1)SY4" ) flag++;
else if ( ver == "15.1(1)SY5" ) flag++;
else if ( ver == "15.1(1)SY6" ) flag++;
else if ( ver == "15.1(1)T" ) flag++;
else if ( ver == "15.1(1)T1" ) flag++;
else if ( ver == "15.1(1)T2" ) flag++;
else if ( ver == "15.1(1)T3" ) flag++;
else if ( ver == "15.1(1)T4" ) flag++;
else if ( ver == "15.1(1)T5" ) flag++;
else if ( ver == "15.1(1)XB" ) flag++;
else if ( ver == "15.1(1)XB1" ) flag++;
else if ( ver == "15.1(1)XB2" ) flag++;
else if ( ver == "15.1(1)XB3" ) flag++;
else if ( ver == "15.1(2)EY" ) flag++;
else if ( ver == "15.1(2)EY1" ) flag++;
else if ( ver == "15.1(2)EY1a" ) flag++;
else if ( ver == "15.1(2)EY2" ) flag++;
else if ( ver == "15.1(2)EY2a" ) flag++;
else if ( ver == "15.1(2)EY3" ) flag++;
else if ( ver == "15.1(2)EY4" ) flag++;
else if ( ver == "15.1(2)GC" ) flag++;
else if ( ver == "15.1(2)GC1" ) flag++;
else if ( ver == "15.1(2)GC2" ) flag++;
else if ( ver == "15.1(2)S" ) flag++;
else if ( ver == "15.1(2)S1" ) flag++;
else if ( ver == "15.1(2)S2" ) flag++;
else if ( ver == "15.1(2)SG" ) flag++;
else if ( ver == "15.1(2)SG1" ) flag++;
else if ( ver == "15.1(2)SG2" ) flag++;
else if ( ver == "15.1(2)SG3" ) flag++;
else if ( ver == "15.1(2)SG4" ) flag++;
else if ( ver == "15.1(2)SG5" ) flag++;
else if ( ver == "15.1(2)SG6" ) flag++;
else if ( ver == "15.1(2)SG7" ) flag++;
else if ( ver == "15.1(2)SNG" ) flag++;
else if ( ver == "15.1(2)SNH" ) flag++;
else if ( ver == "15.1(2)SNH1" ) flag++;
else if ( ver == "15.1(2)SNI" ) flag++;
else if ( ver == "15.1(2)SNI1" ) flag++;
else if ( ver == "15.1(2)SY" ) flag++;
else if ( ver == "15.1(2)SY1" ) flag++;
else if ( ver == "15.1(2)SY2" ) flag++;
else if ( ver == "15.1(2)SY3" ) flag++;
else if ( ver == "15.1(2)SY4" ) flag++;
else if ( ver == "15.1(2)SY4a" ) flag++;
else if ( ver == "15.1(2)SY5" ) flag++;
else if ( ver == "15.1(2)SY6" ) flag++;
else if ( ver == "15.1(2)SY7" ) flag++;
else if ( ver == "15.1(2)T" ) flag++;
else if ( ver == "15.1(2)T0a" ) flag++;
else if ( ver == "15.1(2)T1" ) flag++;
else if ( ver == "15.1(2)T2" ) flag++;
else if ( ver == "15.1(2)T2a" ) flag++;
else if ( ver == "15.1(2)T3" ) flag++;
else if ( ver == "15.1(2)T4" ) flag++;
else if ( ver == "15.1(2)T5" ) flag++;
else if ( ver == "15.1(3)MR" ) flag++;
else if ( ver == "15.1(3)MRA" ) flag++;
else if ( ver == "15.1(3)MRA1" ) flag++;
else if ( ver == "15.1(3)MRA2" ) flag++;
else if ( ver == "15.1(3)MRA3" ) flag++;
else if ( ver == "15.1(3)MRA4" ) flag++;
else if ( ver == "15.1(3)S" ) flag++;
else if ( ver == "15.1(3)S0a" ) flag++;
else if ( ver == "15.1(3)S1" ) flag++;
else if ( ver == "15.1(3)S2" ) flag++;
else if ( ver == "15.1(3)S3" ) flag++;
else if ( ver == "15.1(3)S4" ) flag++;
else if ( ver == "15.1(3)S5" ) flag++;
else if ( ver == "15.1(3)S5a" ) flag++;
else if ( ver == "15.1(3)S6" ) flag++;
else if ( ver == "15.1(3)S7" ) flag++;
else if ( ver == "15.1(3)SVB1" ) flag++;
else if ( ver == "15.1(3)SVD" ) flag++;
else if ( ver == "15.1(3)SVD1" ) flag++;
else if ( ver == "15.1(3)SVD2" ) flag++;
else if ( ver == "15.1(3)SVD3" ) flag++;
else if ( ver == "15.1(3)SVE" ) flag++;
else if ( ver == "15.1(3)SVF" ) flag++;
else if ( ver == "15.1(3)SVF1" ) flag++;
else if ( ver == "15.1(3)SVF2" ) flag++;
else if ( ver == "15.1(3)SVF2a" ) flag++;
else if ( ver == "15.1(3)SVF4a" ) flag++;
else if ( ver == "15.1(3)SVF4b" ) flag++;
else if ( ver == "15.1(3)SVF4d" ) flag++;
else if ( ver == "15.1(3)SVG1c" ) flag++;
else if ( ver == "15.1(3)SVG2" ) flag++;
else if ( ver == "15.1(3)SVG2a" ) flag++;
else if ( ver == "15.1(3)SVG3" ) flag++;
else if ( ver == "15.1(3)SVG3a" ) flag++;
else if ( ver == "15.1(3)SVG3b" ) flag++;
else if ( ver == "15.1(3)SVG3c" ) flag++;
else if ( ver == "15.1(3)SVH" ) flag++;
else if ( ver == "15.1(3)SVH2" ) flag++;
else if ( ver == "15.1(3)SVH4" ) flag++;
else if ( ver == "15.1(3)SVI" ) flag++;
else if ( ver == "15.1(3)SVI1" ) flag++;
else if ( ver == "15.1(3)SVI1a" ) flag++;
else if ( ver == "15.1(3)SVI2" ) flag++;
else if ( ver == "15.1(3)T" ) flag++;
else if ( ver == "15.1(3)T1" ) flag++;
else if ( ver == "15.1(3)T2" ) flag++;
else if ( ver == "15.1(3)T3" ) flag++;
else if ( ver == "15.1(3)T4" ) flag++;
else if ( ver == "15.1(4)GC" ) flag++;
else if ( ver == "15.1(4)GC1" ) flag++;
else if ( ver == "15.1(4)GC2" ) flag++;
else if ( ver == "15.1(4)M" ) flag++;
else if ( ver == "15.1(4)M0a" ) flag++;
else if ( ver == "15.1(4)M0b" ) flag++;
else if ( ver == "15.1(4)M1" ) flag++;
else if ( ver == "15.1(4)M10" ) flag++;
else if ( ver == "15.1(4)M11" ) flag++;
else if ( ver == "15.1(4)M12" ) flag++;
else if ( ver == "15.1(4)M12a" ) flag++;
else if ( ver == "15.1(4)M2" ) flag++;
else if ( ver == "15.1(4)M3" ) flag++;
else if ( ver == "15.1(4)M3a" ) flag++;
else if ( ver == "15.1(4)M4" ) flag++;
else if ( ver == "15.1(4)M5" ) flag++;
else if ( ver == "15.1(4)M6" ) flag++;
else if ( ver == "15.1(4)M7" ) flag++;
else if ( ver == "15.1(4)M8" ) flag++;
else if ( ver == "15.1(4)M9" ) flag++;
else if ( ver == "15.1(4)XB4" ) flag++;
else if ( ver == "15.1(4)XB5" ) flag++;
else if ( ver == "15.1(4)XB5a" ) flag++;
else if ( ver == "15.1(4)XB6" ) flag++;
else if ( ver == "15.1(4)XB7" ) flag++;
else if ( ver == "15.1(4)XB8" ) flag++;
else if ( ver == "15.1(4)XB8a" ) flag++;
else if ( ver == "15.2(1)E" ) flag++;
else if ( ver == "15.2(1)E1" ) flag++;
else if ( ver == "15.2(1)E2" ) flag++;
else if ( ver == "15.2(1)E3" ) flag++;
else if ( ver == "15.2(1)EY" ) flag++;
else if ( ver == "15.2(1)EY1" ) flag++;
else if ( ver == "15.2(1)EY2" ) flag++;
else if ( ver == "15.2(1)GC" ) flag++;
else if ( ver == "15.2(1)GC1" ) flag++;
else if ( ver == "15.2(1)GC2" ) flag++;
else if ( ver == "15.2(1)S" ) flag++;
else if ( ver == "15.2(1)S1" ) flag++;
else if ( ver == "15.2(1)S2" ) flag++;
else if ( ver == "15.2(1)SC1a" ) flag++;
else if ( ver == "15.2(1)SC2" ) flag++;
else if ( ver == "15.2(1)SD1" ) flag++;
else if ( ver == "15.2(1)SD2" ) flag++;
else if ( ver == "15.2(1)SD3" ) flag++;
else if ( ver == "15.2(1)SD4" ) flag++;
else if ( ver == "15.2(1)SD6" ) flag++;
else if ( ver == "15.2(1)SD6a" ) flag++;
else if ( ver == "15.2(1)SD8" ) flag++;
else if ( ver == "15.2(1)SY" ) flag++;
else if ( ver == "15.2(1)SY0a" ) flag++;
else if ( ver == "15.2(1)SY1" ) flag++;
else if ( ver == "15.2(1)SY1a" ) flag++;
else if ( ver == "15.2(1)SY2" ) flag++;
else if ( ver == "15.2(1)T" ) flag++;
else if ( ver == "15.2(1)T1" ) flag++;
else if ( ver == "15.2(1)T2" ) flag++;
else if ( ver == "15.2(1)T3" ) flag++;
else if ( ver == "15.2(1)T3a" ) flag++;
else if ( ver == "15.2(1)T4" ) flag++;
else if ( ver == "15.2(2a)E1" ) flag++;
else if ( ver == "15.2(2b)E" ) flag++;
else if ( ver == "15.2(2)E" ) flag++;
else if ( ver == "15.2(2)E1" ) flag++;
else if ( ver == "15.2(2)E2" ) flag++;
else if ( ver == "15.2(2)E4" ) flag++;
else if ( ver == "15.2(2)EA1" ) flag++;
else if ( ver == "15.2(2)EA2" ) flag++;
else if ( ver == "15.2(2)EA3" ) flag++;
else if ( ver == "15.2(2)EB" ) flag++;
else if ( ver == "15.2(2)EB1" ) flag++;
else if ( ver == "15.2(2)EB2" ) flag++;
else if ( ver == "15.2(2)GC" ) flag++;
else if ( ver == "15.2(2)JA" ) flag++;
else if ( ver == "15.2(2)JA1" ) flag++;
else if ( ver == "15.2(2)JAX" ) flag++;
else if ( ver == "15.2(2)JAX1" ) flag++;
else if ( ver == "15.2(2)JB" ) flag++;
else if ( ver == "15.2(2)JB1" ) flag++;
else if ( ver == "15.2(2)JB2" ) flag++;
else if ( ver == "15.2(2)JB3" ) flag++;
else if ( ver == "15.2(2)JB4" ) flag++;
else if ( ver == "15.2(2)JB5" ) flag++;
else if ( ver == "15.2(2)JN1" ) flag++;
else if ( ver == "15.2(2)JN2" ) flag++;
else if ( ver == "15.2(2)S" ) flag++;
else if ( ver == "15.2(2)S0a" ) flag++;
else if ( ver == "15.2(2)S0c" ) flag++;
else if ( ver == "15.2(2)S0d" ) flag++;
else if ( ver == "15.2(2)S1" ) flag++;
else if ( ver == "15.2(2)S2" ) flag++;
else if ( ver == "15.2(2)SC" ) flag++;
else if ( ver == "15.2(2)SNG" ) flag++;
else if ( ver == "15.2(2)SNH" ) flag++;
else if ( ver == "15.2(2)SNH1" ) flag++;
else if ( ver == "15.2(2)SNI" ) flag++;
else if ( ver == "15.2(2)SY" ) flag++;
else if ( ver == "15.2(2)SY1" ) flag++;
else if ( ver == "15.2(2)T" ) flag++;
else if ( ver == "15.2(2)T1" ) flag++;
else if ( ver == "15.2(2)T2" ) flag++;
else if ( ver == "15.2(2)T3" ) flag++;
else if ( ver == "15.2(2)T4" ) flag++;
else if ( ver == "15.2(3a)E" ) flag++;
else if ( ver == "15.2(3)E" ) flag++;
else if ( ver == "15.2(3)E1" ) flag++;
else if ( ver == "15.2(3)E2" ) flag++;
else if ( ver == "15.2(3)E3" ) flag++;
else if ( ver == "15.2(3)EA" ) flag++;
else if ( ver == "15.2(3)GC" ) flag++;
else if ( ver == "15.2(3)GC1" ) flag++;
else if ( ver == "15.2(3)GCA" ) flag++;
else if ( ver == "15.2(3)GCA1" ) flag++;
else if ( ver == "15.2(3m)E2" ) flag++;
else if ( ver == "15.2(3m)E3" ) flag++;
else if ( ver == "15.2(3m)E5" ) flag++;
else if ( ver == "15.2(3m)E7" ) flag++;
else if ( ver == "15.2(3m)E8" ) flag++;
else if ( ver == "15.2(3)T" ) flag++;
else if ( ver == "15.2(3)T1" ) flag++;
else if ( ver == "15.2(3)T2" ) flag++;
else if ( ver == "15.2(3)T3" ) flag++;
else if ( ver == "15.2(3)T4" ) flag++;
else if ( ver == "15.2(3)XA" ) flag++;
else if ( ver == "15.2(4)E" ) flag++;
else if ( ver == "15.2(4)E1" ) flag++;
else if ( ver == "15.2(4)EA" ) flag++;
else if ( ver == "15.2(4)EA1" ) flag++;
else if ( ver == "15.2(4)EA2" ) flag++;
else if ( ver == "15.2(4)EA3" ) flag++;
else if ( ver == "15.2(4)GC" ) flag++;
else if ( ver == "15.2(4)GC1" ) flag++;
else if ( ver == "15.2(4)GC2" ) flag++;
else if ( ver == "15.2(4)GC3" ) flag++;
else if ( ver == "15.2(4)JA" ) flag++;
else if ( ver == "15.2(4)JA1" ) flag++;
else if ( ver == "15.2(4)JAZ" ) flag++;
else if ( ver == "15.2(4)JB" ) flag++;
else if ( ver == "15.2(4)JB1" ) flag++;
else if ( ver == "15.2(4)JB2" ) flag++;
else if ( ver == "15.2(4)JB3" ) flag++;
else if ( ver == "15.2(4)JB3a" ) flag++;
else if ( ver == "15.2(4)JB3b" ) flag++;
else if ( ver == "15.2(4)JB3h" ) flag++;
else if ( ver == "15.2(4)JB3s" ) flag++;
else if ( ver == "15.2(4)JB4" ) flag++;
else if ( ver == "15.2(4)JB5" ) flag++;
else if ( ver == "15.2(4)JB50" ) flag++;
else if ( ver == "15.2(4)JB50a" ) flag++;
else if ( ver == "15.2(4)JB5h" ) flag++;
else if ( ver == "15.2(4)JB5m" ) flag++;
else if ( ver == "15.2(4)JB6" ) flag++;
else if ( ver == "15.2(4)JB7" ) flag++;
else if ( ver == "15.2(4)JN" ) flag++;
else if ( ver == "15.2(4)M" ) flag++;
else if ( ver == "15.2(4)M1" ) flag++;
else if ( ver == "15.2(4)M10" ) flag++;
else if ( ver == "15.2(4)M11" ) flag++;
else if ( ver == "15.2(4)M2" ) flag++;
else if ( ver == "15.2(4)M3" ) flag++;
else if ( ver == "15.2(4)M4" ) flag++;
else if ( ver == "15.2(4)M5" ) flag++;
else if ( ver == "15.2(4)M6" ) flag++;
else if ( ver == "15.2(4)M6a" ) flag++;
else if ( ver == "15.2(4)M6b" ) flag++;
else if ( ver == "15.2(4)M7" ) flag++;
else if ( ver == "15.2(4)M8" ) flag++;
else if ( ver == "15.2(4)M9" ) flag++;
else if ( ver == "15.2(4m)E1" ) flag++;
else if ( ver == "15.2(4)S" ) flag++;
else if ( ver == "15.2(4)S0c" ) flag++;
else if ( ver == "15.2(4)S1" ) flag++;
else if ( ver == "15.2(4)S1c" ) flag++;
else if ( ver == "15.2(4)S2" ) flag++;
else if ( ver == "15.2(4)S3" ) flag++;
else if ( ver == "15.2(4)S3a" ) flag++;
else if ( ver == "15.2(4)S4" ) flag++;
else if ( ver == "15.2(4)S4a" ) flag++;
else if ( ver == "15.2(4)S5" ) flag++;
else if ( ver == "15.2(4)S6" ) flag++;
else if ( ver == "15.2(4)S7" ) flag++;
else if ( ver == "15.2(4)S8" ) flag++;
else if ( ver == "15.2(4)XB10" ) flag++;
else if ( ver == "15.2(4)XB11" ) flag++;
else if ( ver == "15.3(0)SY" ) flag++;
else if ( ver == "15.3(1)S" ) flag++;
else if ( ver == "15.3(1)S1" ) flag++;
else if ( ver == "15.3(1)S1e" ) flag++;
else if ( ver == "15.3(1)S2" ) flag++;
else if ( ver == "15.3(1)SY" ) flag++;
else if ( ver == "15.3(1)T" ) flag++;
else if ( ver == "15.3(1)T1" ) flag++;
else if ( ver == "15.3(1)T2" ) flag++;
else if ( ver == "15.3(1)T3" ) flag++;
else if ( ver == "15.3(1)T4" ) flag++;
else if ( ver == "15.3(2)S" ) flag++;
else if ( ver == "15.3(2)S0a" ) flag++;
else if ( ver == "15.3(2)S1" ) flag++;
else if ( ver == "15.3(2)S2" ) flag++;
else if ( ver == "15.3(2)T" ) flag++;
else if ( ver == "15.3(2)T1" ) flag++;
else if ( ver == "15.3(2)T2" ) flag++;
else if ( ver == "15.3(2)T3" ) flag++;
else if ( ver == "15.3(2)T4" ) flag++;
else if ( ver == "15.3(3)JA" ) flag++;
else if ( ver == "15.3(3)JA1" ) flag++;
else if ( ver == "15.3(3)JA100" ) flag++;
else if ( ver == "15.3(3)JA1m" ) flag++;
else if ( ver == "15.3(3)JA1n" ) flag++;
else if ( ver == "15.3(3)JA2" ) flag++;
else if ( ver == "15.3(3)JA3" ) flag++;
else if ( ver == "15.3(3)JA4" ) flag++;
else if ( ver == "15.3(3)JA5" ) flag++;
else if ( ver == "15.3(3)JA6" ) flag++;
else if ( ver == "15.3(3)JA7" ) flag++;
else if ( ver == "15.3(3)JA75" ) flag++;
else if ( ver == "15.3(3)JA77" ) flag++;
else if ( ver == "15.3(3)JA8" ) flag++;
else if ( ver == "15.3(3)JA9" ) flag++;
else if ( ver == "15.3(3)JAA" ) flag++;
else if ( ver == "15.3(3)JAB" ) flag++;
else if ( ver == "15.3(3)JAX" ) flag++;
else if ( ver == "15.3(3)JAX1" ) flag++;
else if ( ver == "15.3(3)JAX2" ) flag++;
else if ( ver == "15.3(3)JB" ) flag++;
else if ( ver == "15.3(3)JB75" ) flag++;
else if ( ver == "15.3(3)JBB" ) flag++;
else if ( ver == "15.3(3)JBB1" ) flag++;
else if ( ver == "15.3(3)JBB2" ) flag++;
else if ( ver == "15.3(3)JBB4" ) flag++;
else if ( ver == "15.3(3)JBB5" ) flag++;
else if ( ver == "15.3(3)JBB50" ) flag++;
else if ( ver == "15.3(3)JBB6" ) flag++;
else if ( ver == "15.3(3)JBB6a" ) flag++;
else if ( ver == "15.3(3)JBB8" ) flag++;
else if ( ver == "15.3(3)JC" ) flag++;
else if ( ver == "15.3(3)JC30" ) flag++;
else if ( ver == "15.3(3)JN3" ) flag++;
else if ( ver == "15.3(3)JN4" ) flag++;
else if ( ver == "15.3(3)JN6" ) flag++;
else if ( ver == "15.3(3)JN7" ) flag++;
else if ( ver == "15.3(3)JN8" ) flag++;
else if ( ver == "15.3(3)JNB" ) flag++;
else if ( ver == "15.3(3)JNB1" ) flag++;
else if ( ver == "15.3(3)JNB2" ) flag++;
else if ( ver == "15.3(3)JNB3" ) flag++;
else if ( ver == "15.3(3)JNC" ) flag++;
else if ( ver == "15.3(3)JNC1" ) flag++;
else if ( ver == "15.3(3)JNP" ) flag++;
else if ( ver == "15.3(3)JNP1" ) flag++;
else if ( ver == "15.3(3)M" ) flag++;
else if ( ver == "15.3(3)M1" ) flag++;
else if ( ver == "15.3(3)M2" ) flag++;
else if ( ver == "15.3(3)M3" ) flag++;
else if ( ver == "15.3(3)M4" ) flag++;
else if ( ver == "15.3(3)M5" ) flag++;
else if ( ver == "15.3(3)M6" ) flag++;
else if ( ver == "15.3(3)M7" ) flag++;
else if ( ver == "15.3(3)S" ) flag++;
else if ( ver == "15.3(3)S1" ) flag++;
else if ( ver == "15.3(3)S1a" ) flag++;
else if ( ver == "15.3(3)S2" ) flag++;
else if ( ver == "15.3(3)S2a" ) flag++;
else if ( ver == "15.3(3)S3" ) flag++;
else if ( ver == "15.3(3)S4" ) flag++;
else if ( ver == "15.3(3)S5" ) flag++;
else if ( ver == "15.3(3)S6" ) flag++;
else if ( ver == "15.3(3)S6a" ) flag++;
else if ( ver == "15.3(3)S7" ) flag++;
else if ( ver == "15.3(3)XB12" ) flag++;
else if ( ver == "15.4(1)CG" ) flag++;
else if ( ver == "15.4(1)CG1" ) flag++;
else if ( ver == "15.4(1)S" ) flag++;
else if ( ver == "15.4(1)S1" ) flag++;
else if ( ver == "15.4(1)S2" ) flag++;
else if ( ver == "15.4(1)S3" ) flag++;
else if ( ver == "15.4(1)S4" ) flag++;
else if ( ver == "15.4(1)T" ) flag++;
else if ( ver == "15.4(1)T1" ) flag++;
else if ( ver == "15.4(1)T2" ) flag++;
else if ( ver == "15.4(1)T3" ) flag++;
else if ( ver == "15.4(1)T4" ) flag++;
else if ( ver == "15.4(2)CG" ) flag++;
else if ( ver == "15.4(2)S" ) flag++;
else if ( ver == "15.4(2)S1" ) flag++;
else if ( ver == "15.4(2)S2" ) flag++;
else if ( ver == "15.4(2)S3" ) flag++;
else if ( ver == "15.4(2)S4" ) flag++;
else if ( ver == "15.4(2)SN" ) flag++;
else if ( ver == "15.4(2)SN1" ) flag++;
else if ( ver == "15.4(2)T" ) flag++;
else if ( ver == "15.4(2)T1" ) flag++;
else if ( ver == "15.4(2)T2" ) flag++;
else if ( ver == "15.4(2)T3" ) flag++;
else if ( ver == "15.4(2)T4" ) flag++;
else if ( ver == "15.4(3)M" ) flag++;
else if ( ver == "15.4(3)M1" ) flag++;
else if ( ver == "15.4(3)M2" ) flag++;
else if ( ver == "15.4(3)M3" ) flag++;
else if ( ver == "15.4(3)M4" ) flag++;
else if ( ver == "15.4(3)M5" ) flag++;
else if ( ver == "15.4(3)S" ) flag++;
else if ( ver == "15.4(3)S0d" ) flag++;
else if ( ver == "15.4(3)S0e" ) flag++;
else if ( ver == "15.4(3)S1" ) flag++;
else if ( ver == "15.4(3)S2" ) flag++;
else if ( ver == "15.4(3)S3" ) flag++;
else if ( ver == "15.4(3)S4" ) flag++;
else if ( ver == "15.4(3)S5" ) flag++;
else if ( ver == "15.4(3)SN1" ) flag++;
else if ( ver == "15.5(1)S" ) flag++;
else if ( ver == "15.5(1)S1" ) flag++;
else if ( ver == "15.5(1)S2" ) flag++;
else if ( ver == "15.5(1)S3" ) flag++;
else if ( ver == "15.5(1)SN" ) flag++;
else if ( ver == "15.5(1)SN1" ) flag++;
else if ( ver == "15.5(1)T" ) flag++;
else if ( ver == "15.5(1)T1" ) flag++;
else if ( ver == "15.5(1)T2" ) flag++;
else if ( ver == "15.5(1)T3" ) flag++;
else if ( ver == "15.5(1)T4" ) flag++;
else if ( ver == "15.5(2)S" ) flag++;
else if ( ver == "15.5(2)S1" ) flag++;
else if ( ver == "15.5(2)S2" ) flag++;
else if ( ver == "15.5(2)S3" ) flag++;
else if ( ver == "15.5(2)SN" ) flag++;
else if ( ver == "15.5(2)SN0a" ) flag++;
else if ( ver == "15.5(2)T" ) flag++;
else if ( ver == "15.5(2)T1" ) flag++;
else if ( ver == "15.5(2)T2" ) flag++;
else if ( ver == "15.5(2)T3" ) flag++;
else if ( ver == "15.5(2)T4" ) flag++;
else if ( ver == "15.5(2)XB" ) flag++;
else if ( ver == "15.5(3)M" ) flag++;
else if ( ver == "15.5(3)M0a" ) flag++;
else if ( ver == "15.5(3)M1" ) flag++;
else if ( ver == "15.5(3)M2" ) flag++;
else if ( ver == "15.5(3)M2a" ) flag++;
else if ( ver == "15.5(3)S" ) flag++;
else if ( ver == "15.5(3)S0a" ) flag++;
else if ( ver == "15.5(3)S1" ) flag++;
else if ( ver == "15.5(3)S1a" ) flag++;
else if ( ver == "15.5(3)S2" ) flag++;
else if ( ver == "15.5(3)SN" ) flag++;
else if ( ver == "15.5(3)SN0a" ) flag++;
else if ( ver == "15.6(1)S" ) flag++;
else if ( ver == "15.6(1)S1" ) flag++;
else if ( ver == "15.6(1)SN" ) flag++;
else if ( ver == "15.6(1)SN1" ) flag++;
else if ( ver == "15.6(1)T" ) flag++;
else if ( ver == "15.6(1)T0a" ) flag++;
else if ( ver == "15.6(1)T1" ) flag++;
else if ( ver == "15.6(2)S" ) flag++;
else if ( ver == "15.6(2)SN" ) flag++;
if(!flag)
audit(AUDIT_INST_VER_NOT_VULN, ver);
# Check that IKEv1 config or IKEv1 is running
if (get_kb_item("Host/local_checks_enabled"))
{
flag = 0;
# Check for condition 1, IKEv1 config
buf = cisco_command_kb_item("Host/Cisco/Config/show_running-config","show running-config");
if (check_cisco_result(buf))
{
if ( "crypto isakmp fragmentation" >< buf )
{
flag = 1;
cmds = make_list('show running-config');
}
}
else if (cisco_needs_enable(buf))
{
flag = 1;
override = 1;
}
# Check for condition 2, IKEv1 is running
if (flag)
{
flag = 0;
pat = "(\d+.\d+.\d+.\d+|.*:.*|UNKNOWN|--any--)\s+(500|4500)\s";
buf = cisco_command_kb_item("Host/Cisco/Config/show_ip_sockets","show ip sockets");
if (!flag)
{
if (check_cisco_result(buf))
{
if (preg(multiline:TRUE, pattern:pat, string:buf))
{
flag = 1;
cmds = make_list(cmds, 'show ip sockets');
}
}
else if (cisco_needs_enable(buf))
{
flag = 1;
override = 1;
}
}
if (!flag)
{
buf = cisco_command_kb_item("Host/Cisco/Config/show_udp","show udp");
if (check_cisco_result(buf))
{
if (preg(multiline:TRUE, pattern:pat, string:buf))
{
flag = 1;
cmds = make_list(cmds, 'show udp');
}
}
else if (cisco_needs_enable(buf))
{
flag = 1;
override = 1;
}
}
}
}
if (flag)
{
security_report_cisco(
port : 0,
severity : SECURITY_HOLE,
override : override,
version : ver,
bug_id : 'CSCuy47382',
cmds : cmds
);
}
else audit(AUDIT_HOST_NOT, "affected");
{"id": "CISCO-SA-20160928-IKEV1-IOS.NASL", "bulletinFamily": "scanner", "title": "Cisco IOS IKEv1 Fragmentation DoS (cisco-sa-20160928-ios-ikev1)", "description": "According to its self-reported version and configuration, the Cisco\nIOS software running on the remote device is affected by a denial of\nservice vulnerability in the Internet Key Exchange version 1 (IKEv1)\nsubsystem due to improper handling of fragmented IKEv1 packets. An\nunauthenticated, remote attacker can exploit this issue, via specially\ncrafted IKEv1 packets, to cause the device to reload.", "published": "2016-11-14T00:00:00", "modified": "2021-02-02T00:00:00", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "href": "https://www.tenable.com/plugins/nessus/94762", "reporter": "This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?30c88959"], "cvelist": ["CVE-2016-6381"], "type": "nessus", "lastseen": "2021-02-01T01:37:01", "edition": 27, "viewCount": 17, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2016-6381"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310106307", "OPENVAS:1361412562310106308"]}, {"type": "cisco", "idList": ["CISCO-SA-20160928-IOS-IKEV1"]}, {"type": "nessus", "idList": ["CISCO-SA-20160928-IKEV1-IOSXE.NASL"]}, {"type": "threatpost", "idList": ["THREATPOST:28BC84E8AEC7BCA1110731647FE9A404"]}, {"type": "ics", "idList": ["ICSA-17-094-04"]}], "modified": "2021-02-01T01:37:01", "rev": 2}, "score": {"value": 7.1, "vector": "NONE", "modified": "2021-02-01T01:37:01", "rev": 2}, "vulnersScore": 7.1}, "sourceData": "#TRUSTED 65e0fb5b6a28bf44ba74f58bd90b9490d4e732890eaed29c826b320ceabdf9f91d372e491326ee85574f61599034242cd5eb8eea2ecafa2a52d499e6eaf2c6db30fa3b54ba22538e33f675968348649ce458b7e8b278410a6760925ecdcf991386eb724d2ac9408a2084d2a6894d400e56a47f9d76bb674ded00eb331721f84f229ab1d96a3fbb7fc11f119caafd4ad053f07ae769e253ab5ea50ad6ca8e6b1343abcb42f3380a9d5b82e684d59884854a0152a0adae374f0ee595ac8add0560f5022d4029110cdf7c712679216c00a1ff7746ef7a48418f76f3440cc528d57987e300a64e94937bfc074dff285cf62fe81f04126c7272ed137c9e097233b601f2c7288de4259c38f1ab3be1e95261a680f0e2e07b3b1577b374f91cae64ccdc218ded3ed251be16c974b925957d28b6d7477762c0fdef6fcd220888457d32015e99ac12622725d0a98109f2036be175fc8e0cccdceac6e8d7588d8c0635f50d5aa32eb8d5a38dddd855a4560b623bc7ce31b20d8cc1f466ec3009a297ec361f12f68be723af776d0a6f425cb6ddeb91b8c1a3e9e3e57cb0e544e3e6cda9c1dd319f43ac71ba5842cdcaa5d7c1d502de6f4b20258b08c4772b85a4d9e7b66422d744fac69247ebc48cdada35b9384cf7c21681ca02044727ae03c59cc9d9e95608595ad2b3f9cdd3cba4812256dfed9ab7d7ad3f4fb6b7631756ec5e8d7d4acc\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94762);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/11/14\");\n\n script_cve_id(\"CVE-2016-6381\");\n script_bugtraq_id(93195);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCuy47382\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20160928-ios-ikev1\");\n\n script_name(english:\"Cisco IOS IKEv1 Fragmentation DoS (cisco-sa-20160928-ios-ikev1)\");\n script_summary(english:\"Checks the IOS version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version and configuration, the Cisco\nIOS software running on the remote device is affected by a denial of\nservice vulnerability in the Internet Key Exchange version 1 (IKEv1)\nsubsystem due to improper handling of fragmented IKEv1 packets. An\nunauthenticated, remote attacker can exploit this issue, via specially\ncrafted IKEv1 packets, to cause the device to reload.\");\n # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?30c88959\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to the relevant fixed version referenced in Cisco bug ID\nCSCuy47382. Alternatively, as a workaround, IKEv2 fragmentation can be\ndisabled by using the 'no crypto isakmp fragmentation' command.\nHowever, if IKEv1 fragmentation is needed, there is no workaround that\naddresses this vulnerability.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:ios\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CISCO\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"cisco_ios_version.nasl\");\n script_require_keys(\"Host/Cisco/IOS/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"cisco_func.inc\");\ninclude(\"cisco_kb_cmd_func.inc\");\n\nflag = 0;\noverride = 0;\ncmds = make_list();\n\nver = get_kb_item_or_exit(\"Host/Cisco/IOS/Version\");\n\n# Check for vuln version\nif ( ver == \"12.4(15)T10\" ) flag++;\nelse if ( ver == \"12.4(15)T11\" ) flag++;\nelse if ( ver == \"12.4(15)T12\" ) flag++;\nelse if ( ver == \"12.4(15)T13\" ) flag++;\nelse if ( ver == \"12.4(15)T13b\" ) flag++;\nelse if ( ver == \"12.4(15)T14\" ) flag++;\nelse if ( ver == \"12.4(15)T15\" ) flag++;\nelse if ( ver == \"12.4(15)T16\" ) flag++;\nelse if ( ver == \"12.4(15)T17\" ) flag++;\nelse if ( ver == \"12.4(15)T7\" ) flag++;\nelse if ( ver == \"12.4(15)T8\" ) flag++;\nelse if ( ver == \"12.4(15)T9\" ) flag++;\nelse if ( ver == \"12.4(15)XL4\" ) flag++;\nelse if ( ver == \"12.4(15)XL5\" ) flag++;\nelse if ( ver == \"12.4(20)MR\" ) flag++;\nelse if ( ver == \"12.4(20)MR2\" ) flag++;\nelse if ( ver == \"12.4(20)MRB\" ) flag++;\nelse if ( ver == \"12.4(20)MRB1\" ) flag++;\nelse if ( ver == \"12.4(20)T1\" ) flag++;\nelse if ( ver == \"12.4(20)T2\" ) flag++;\nelse if ( ver == \"12.4(20)T3\" ) flag++;\nelse if ( ver == \"12.4(20)T4\" ) flag++;\nelse if ( ver == \"12.4(20)T5\" ) flag++;\nelse if ( ver == \"12.4(20)T5a\" ) flag++;\nelse if ( ver == \"12.4(20)T6\" ) flag++;\nelse if ( ver == \"12.4(22)GC1\" ) flag++;\nelse if ( ver == \"12.4(22)GC1a\" ) flag++;\nelse if ( ver == \"12.4(22)MD\" ) flag++;\nelse if ( ver == \"12.4(22)MD1\" ) flag++;\nelse if ( ver == \"12.4(22)MD2\" ) flag++;\nelse if ( ver == \"12.4(22)MDA\" ) flag++;\nelse if ( ver == \"12.4(22)MDA1\" ) flag++;\nelse if ( ver == \"12.4(22)MDA2\" ) flag++;\nelse if ( ver == \"12.4(22)MDA3\" ) flag++;\nelse if ( ver == \"12.4(22)MDA4\" ) flag++;\nelse if ( ver == \"12.4(22)MDA5\" ) flag++;\nelse if ( ver == \"12.4(22)MDA6\" ) flag++;\nelse if ( ver == \"12.4(22)T\" ) flag++;\nelse if ( ver == \"12.4(22)T1\" ) flag++;\nelse if ( ver == \"12.4(22)T2\" ) flag++;\nelse if ( ver == \"12.4(22)T3\" ) flag++;\nelse if ( ver == \"12.4(22)T4\" ) flag++;\nelse if ( ver == \"12.4(22)T5\" ) flag++;\nelse if ( ver == \"12.4(22)XR1\" ) flag++;\nelse if ( ver == \"12.4(22)XR10\" ) flag++;\nelse if ( ver == \"12.4(22)XR11\" ) flag++;\nelse if ( ver == \"12.4(22)XR12\" ) flag++;\nelse if ( ver == \"12.4(22)XR2\" ) flag++;\nelse if ( ver == \"12.4(22)XR3\" ) flag++;\nelse if ( ver == \"12.4(22)XR4\" ) flag++;\nelse if ( ver == \"12.4(22)XR5\" ) flag++;\nelse if ( ver == \"12.4(22)XR6\" ) flag++;\nelse if ( ver == \"12.4(22)XR7\" ) flag++;\nelse if ( ver == \"12.4(22)XR8\" ) flag++;\nelse if ( ver == \"12.4(22)XR9\" ) flag++;\nelse if ( ver == \"12.4(22)YB\" ) flag++;\nelse if ( ver == \"12.4(22)YB1\" ) flag++;\nelse if ( ver == \"12.4(22)YB2\" ) flag++;\nelse if ( ver == \"12.4(22)YB3\" ) flag++;\nelse if ( ver == \"12.4(22)YB4\" ) flag++;\nelse if ( ver == \"12.4(22)YB5\" ) flag++;\nelse if ( ver == \"12.4(22)YB6\" ) flag++;\nelse if ( ver == \"12.4(22)YB7\" ) flag++;\nelse if ( ver == \"12.4(22)YB8\" ) flag++;\nelse if ( ver == \"12.4(22)YD\" ) flag++;\nelse if ( ver == \"12.4(22)YD1\" ) flag++;\nelse if ( ver == \"12.4(22)YD2\" ) flag++;\nelse if ( ver == \"12.4(22)YD3\" ) flag++;\nelse if ( ver == \"12.4(22)YD4\" ) flag++;\nelse if ( ver == \"12.4(22)YE\" ) flag++;\nelse if ( ver == \"12.4(22)YE1\" ) flag++;\nelse if ( ver == \"12.4(22)YE2\" ) flag++;\nelse if ( ver == \"12.4(22)YE3\" ) flag++;\nelse if ( ver == \"12.4(22)YE4\" ) flag++;\nelse if ( ver == \"12.4(22)YE5\" ) flag++;\nelse if ( ver == \"12.4(22)YE6\" ) flag++;\nelse if ( ver == \"12.4(24)GC1\" ) flag++;\nelse if ( ver == \"12.4(24)GC3\" ) flag++;\nelse if ( ver == \"12.4(24)GC3a\" ) flag++;\nelse if ( ver == \"12.4(24)GC4\" ) flag++;\nelse if ( ver == \"12.4(24)GC5\" ) flag++;\nelse if ( ver == \"12.4(24)MD\" ) flag++;\nelse if ( ver == \"12.4(24)MD1\" ) flag++;\nelse if ( ver == \"12.4(24)MD2\" ) flag++;\nelse if ( ver == \"12.4(24)MD3\" ) flag++;\nelse if ( ver == \"12.4(24)MD4\" ) flag++;\nelse if ( ver == \"12.4(24)MD5\" ) flag++;\nelse if ( ver == \"12.4(24)MD6\" ) flag++;\nelse if ( ver == \"12.4(24)MD7\" ) flag++;\nelse if ( ver == \"12.4(24)MDA\" ) flag++;\nelse if ( ver == \"12.4(24)MDA1\" ) flag++;\nelse if ( ver == \"12.4(24)MDA10\" ) flag++;\nelse if ( ver == \"12.4(24)MDA11\" ) flag++;\nelse if ( ver == \"12.4(24)MDA12\" ) flag++;\nelse if ( ver == \"12.4(24)MDA13\" ) flag++;\nelse if ( ver == \"12.4(24)MDA2\" ) flag++;\nelse if ( ver == \"12.4(24)MDA3\" ) flag++;\nelse if ( ver == \"12.4(24)MDA4\" ) flag++;\nelse if ( ver == \"12.4(24)MDA5\" ) flag++;\nelse if ( ver == \"12.4(24)MDA6\" ) flag++;\nelse if ( ver == \"12.4(24)MDA7\" ) flag++;\nelse if ( ver == \"12.4(24)MDA8\" ) flag++;\nelse if ( ver == \"12.4(24)MDA9\" ) flag++;\nelse if ( ver == \"12.4(24)MDB\" ) flag++;\nelse if ( ver == \"12.4(24)MDB1\" ) flag++;\nelse if ( ver == \"12.4(24)MDB10\" ) flag++;\nelse if ( ver == \"12.4(24)MDB11\" ) flag++;\nelse if ( ver == \"12.4(24)MDB12\" ) flag++;\nelse if ( ver == \"12.4(24)MDB13\" ) flag++;\nelse if ( ver == \"12.4(24)MDB14\" ) flag++;\nelse if ( ver == \"12.4(24)MDB15\" ) flag++;\nelse if ( ver == \"12.4(24)MDB16\" ) flag++;\nelse if ( ver == \"12.4(24)MDB17\" ) flag++;\nelse if ( ver == \"12.4(24)MDB18\" ) flag++;\nelse if ( ver == \"12.4(24)MDB19\" ) flag++;\nelse if ( ver == \"12.4(24)MDB3\" ) flag++;\nelse if ( ver == \"12.4(24)MDB4\" ) flag++;\nelse if ( ver == \"12.4(24)MDB5\" ) flag++;\nelse if ( ver == \"12.4(24)MDB5a\" ) flag++;\nelse if ( ver == \"12.4(24)MDB6\" ) flag++;\nelse if ( ver == \"12.4(24)MDB7\" ) flag++;\nelse if ( ver == \"12.4(24)MDB8\" ) flag++;\nelse if ( ver == \"12.4(24)MDB9\" ) flag++;\nelse if ( ver == \"12.4(24)T\" ) flag++;\nelse if ( ver == \"12.4(24)T1\" ) flag++;\nelse if ( ver == \"12.4(24)T10\" ) flag++;\nelse if ( ver == \"12.4(24)T11\" ) flag++;\nelse if ( ver == \"12.4(24)T12\" ) flag++;\nelse if ( ver == \"12.4(24)T2\" ) flag++;\nelse if ( ver == \"12.4(24)T3\" ) flag++;\nelse if ( ver == \"12.4(24)T3e\" ) flag++;\nelse if ( ver == \"12.4(24)T3f\" ) flag++;\nelse if ( ver == \"12.4(24)T4\" ) flag++;\nelse if ( ver == \"12.4(24)T4a\" ) flag++;\nelse if ( ver == \"12.4(24)T4b\" ) flag++;\nelse if ( ver == \"12.4(24)T4c\" ) flag++;\nelse if ( ver == \"12.4(24)T4d\" ) flag++;\nelse if ( ver == \"12.4(24)T4e\" ) flag++;\nelse if ( ver == \"12.4(24)T4f\" ) flag++;\nelse if ( ver == \"12.4(24)T4g\" ) flag++;\nelse if ( ver == \"12.4(24)T4h\" ) flag++;\nelse if ( ver == \"12.4(24)T4i\" ) flag++;\nelse if ( ver == \"12.4(24)T4j\" ) flag++;\nelse if ( ver == \"12.4(24)T4k\" ) flag++;\nelse if ( ver == \"12.4(24)T4l\" ) flag++;\nelse if ( ver == \"12.4(24)T4m\" ) flag++;\nelse if ( ver == \"12.4(24)T4n\" ) flag++;\nelse if ( ver == \"12.4(24)T4o\" ) flag++;\nelse if ( ver == \"12.4(24)T5\" ) flag++;\nelse if ( ver == \"12.4(24)T6\" ) flag++;\nelse if ( ver == \"12.4(24)T7\" ) flag++;\nelse if ( ver == \"12.4(24)T8\" ) flag++;\nelse if ( ver == \"12.4(24)T9\" ) flag++;\nelse if ( ver == \"12.4(24)YE\" ) flag++;\nelse if ( ver == \"12.4(24)YE1\" ) flag++;\nelse if ( ver == \"12.4(24)YE2\" ) flag++;\nelse if ( ver == \"12.4(24)YE3\" ) flag++;\nelse if ( ver == \"12.4(24)YE3a\" ) flag++;\nelse if ( ver == \"12.4(24)YE3b\" ) flag++;\nelse if ( ver == \"12.4(24)YE3c\" ) flag++;\nelse if ( ver == \"12.4(24)YE3d\" ) flag++;\nelse if ( ver == \"12.4(24)YE3e\" ) flag++;\nelse if ( ver == \"12.4(24)YE4\" ) flag++;\nelse if ( ver == \"12.4(24)YE5\" ) flag++;\nelse if ( ver == \"12.4(24)YE6\" ) flag++;\nelse if ( ver == \"12.4(24)YE7\" ) flag++;\nelse if ( ver == \"12.4(24)YG1\" ) flag++;\nelse if ( ver == \"12.4(24)YG2\" ) flag++;\nelse if ( ver == \"12.4(24)YG3\" ) flag++;\nelse if ( ver == \"12.4(24)YG4\" ) flag++;\nelse if ( ver == \"12.4(24)YS\" ) flag++;\nelse if ( ver == \"12.4(24)YS1\" ) flag++;\nelse if ( ver == \"12.4(24)YS10\" ) flag++;\nelse if ( ver == \"12.4(24)YS2\" ) flag++;\nelse if ( ver == \"12.4(24)YS3\" ) flag++;\nelse if ( ver == \"12.4(24)YS4\" ) flag++;\nelse if ( ver == \"12.4(24)YS5\" ) flag++;\nelse if ( ver == \"12.4(24)YS6\" ) flag++;\nelse if ( ver == \"12.4(24)YS7\" ) flag++;\nelse if ( ver == \"12.4(24)YS8\" ) flag++;\nelse if ( ver == \"12.4(24)YS8a\" ) flag++;\nelse if ( ver == \"12.4(24)YS9\" ) flag++;\nelse if ( ver == \"15.0(1)M\" ) flag++;\nelse if ( ver == \"15.0(1)M1\" ) flag++;\nelse if ( ver == \"15.0(1)M10\" ) flag++;\nelse if ( ver == \"15.0(1)M2\" ) flag++;\nelse if ( ver == \"15.0(1)M3\" ) flag++;\nelse if ( ver == \"15.0(1)M4\" ) flag++;\nelse if ( ver == \"15.0(1)M5\" ) flag++;\nelse if ( ver == \"15.0(1)M6\" ) flag++;\nelse if ( ver == \"15.0(1)M6a\" ) flag++;\nelse if ( ver == \"15.0(1)M7\" ) flag++;\nelse if ( ver == \"15.0(1)M8\" ) flag++;\nelse if ( ver == \"15.0(1)M9\" ) flag++;\nelse if ( ver == \"15.0(1)MR\" ) flag++;\nelse if ( ver == \"15.0(1)S\" ) flag++;\nelse if ( ver == \"15.0(1)S1\" ) flag++;\nelse if ( ver == \"15.0(1)S2\" ) flag++;\nelse if ( ver == \"15.0(1)S3a\" ) flag++;\nelse if ( ver == \"15.0(1)S4\" ) flag++;\nelse if ( ver == \"15.0(1)S4a\" ) flag++;\nelse if ( ver == \"15.0(1)S5\" ) flag++;\nelse if ( ver == \"15.0(1)S6\" ) flag++;\nelse if ( ver == \"15.0(1)XA\" ) flag++;\nelse if ( ver == \"15.0(1)XA1\" ) flag++;\nelse if ( ver == \"15.0(1)XA2\" ) flag++;\nelse if ( ver == \"15.0(1)XA3\" ) flag++;\nelse if ( ver == \"15.0(1)XA4\" ) flag++;\nelse if ( ver == \"15.0(1)XA5\" ) flag++;\nelse if ( ver == \"15.0(2a)EX5\" ) flag++;\nelse if ( ver == \"15.0(2a)SE9\" ) flag++;\nelse if ( ver == \"15.0(2)EB\" ) flag++;\nelse if ( ver == \"15.0(2)EC\" ) flag++;\nelse if ( ver == \"15.0(2)ED\" ) flag++;\nelse if ( ver == \"15.0(2)ED1\" ) flag++;\nelse if ( ver == \"15.0(2)EH\" ) flag++;\nelse if ( ver == \"15.0(2)EJ\" ) flag++;\nelse if ( ver == \"15.0(2)EJ1\" ) flag++;\nelse if ( ver == \"15.0(2)EK\" ) flag++;\nelse if ( ver == \"15.0(2)EK1\" ) flag++;\nelse if ( ver == \"15.0(2)EX\" ) flag++;\nelse if ( ver == \"15.0(2)EX1\" ) flag++;\nelse if ( ver == \"15.0(2)EX10\" ) flag++;\nelse if ( ver == \"15.0(2)EX2\" ) flag++;\nelse if ( ver == \"15.0(2)EX3\" ) flag++;\nelse if ( ver == \"15.0(2)EX4\" ) flag++;\nelse if ( ver == \"15.0(2)EX5\" ) flag++;\nelse if ( ver == \"15.0(2)EX6\" ) flag++;\nelse if ( ver == \"15.0(2)EX7\" ) flag++;\nelse if ( ver == \"15.0(2)EX8\" ) flag++;\nelse if ( ver == \"15.0(2)EY\" ) flag++;\nelse if ( ver == \"15.0(2)EY1\" ) flag++;\nelse if ( ver == \"15.0(2)EY2\" ) flag++;\nelse if ( ver == \"15.0(2)EY3\" ) flag++;\nelse if ( ver == \"15.0(2)EZ\" ) flag++;\nelse if ( ver == \"15.0(2)MR\" ) flag++;\nelse if ( ver == \"15.0(2)SE\" ) flag++;\nelse if ( ver == \"15.0(2)SE1\" ) flag++;\nelse if ( ver == \"15.0(2)SE2\" ) flag++;\nelse if ( ver == \"15.0(2)SE3\" ) flag++;\nelse if ( ver == \"15.0(2)SE4\" ) flag++;\nelse if ( ver == \"15.0(2)SE5\" ) flag++;\nelse if ( ver == \"15.0(2)SE6\" ) flag++;\nelse if ( ver == \"15.0(2)SE7\" ) flag++;\nelse if ( ver == \"15.0(2)SE9\" ) flag++;\nelse if ( ver == \"15.1(1)MR\" ) flag++;\nelse if ( ver == \"15.1(1)MR1\" ) flag++;\nelse if ( ver == \"15.1(1)MR2\" ) flag++;\nelse if ( ver == \"15.1(1)MR3\" ) flag++;\nelse if ( ver == \"15.1(1)MR4\" ) flag++;\nelse if ( ver == \"15.1(1)MR5\" ) flag++;\nelse if ( ver == \"15.1(1)MR6\" ) flag++;\nelse if ( ver == \"15.1(1)S\" ) flag++;\nelse if ( ver == \"15.1(1)S1\" ) flag++;\nelse if ( ver == \"15.1(1)S2\" ) flag++;\nelse if ( ver == \"15.1(1)SA\" ) flag++;\nelse if ( ver == \"15.1(1)SA1\" ) flag++;\nelse if ( ver == \"15.1(1)SA2\" ) flag++;\nelse if ( ver == \"15.1(1)SG\" ) flag++;\nelse if ( ver == \"15.1(1)SG1\" ) flag++;\nelse if ( ver == \"15.1(1)SG2\" ) flag++;\nelse if ( ver == \"15.1(1)SY\" ) flag++;\nelse if ( ver == \"15.1(1)SY1\" ) flag++;\nelse if ( ver == \"15.1(1)SY2\" ) flag++;\nelse if ( ver == \"15.1(1)SY3\" ) flag++;\nelse if ( ver == \"15.1(1)SY4\" ) flag++;\nelse if ( ver == \"15.1(1)SY5\" ) flag++;\nelse if ( ver == \"15.1(1)SY6\" ) flag++;\nelse if ( ver == \"15.1(1)T\" ) flag++;\nelse if ( ver == \"15.1(1)T1\" ) flag++;\nelse if ( ver == \"15.1(1)T2\" ) flag++;\nelse if ( ver == \"15.1(1)T3\" ) flag++;\nelse if ( ver == \"15.1(1)T4\" ) flag++;\nelse if ( ver == \"15.1(1)T5\" ) flag++;\nelse if ( ver == \"15.1(1)XB\" ) flag++;\nelse if ( ver == \"15.1(1)XB1\" ) flag++;\nelse if ( ver == \"15.1(1)XB2\" ) flag++;\nelse if ( ver == \"15.1(1)XB3\" ) flag++;\nelse if ( ver == \"15.1(2)EY\" ) flag++;\nelse if ( ver == \"15.1(2)EY1\" ) flag++;\nelse if ( ver == \"15.1(2)EY1a\" ) flag++;\nelse if ( ver == \"15.1(2)EY2\" ) flag++;\nelse if ( ver == \"15.1(2)EY2a\" ) flag++;\nelse if ( ver == \"15.1(2)EY3\" ) flag++;\nelse if ( ver == \"15.1(2)EY4\" ) flag++;\nelse if ( ver == \"15.1(2)GC\" ) flag++;\nelse if ( ver == \"15.1(2)GC1\" ) flag++;\nelse if ( ver == \"15.1(2)GC2\" ) flag++;\nelse if ( ver == \"15.1(2)S\" ) flag++;\nelse if ( ver == \"15.1(2)S1\" ) flag++;\nelse if ( ver == \"15.1(2)S2\" ) flag++;\nelse if ( ver == \"15.1(2)SG\" ) flag++;\nelse if ( ver == \"15.1(2)SG1\" ) flag++;\nelse if ( ver == \"15.1(2)SG2\" ) flag++;\nelse if ( ver == \"15.1(2)SG3\" ) flag++;\nelse if ( ver == \"15.1(2)SG4\" ) flag++;\nelse if ( ver == \"15.1(2)SG5\" ) flag++;\nelse if ( ver == \"15.1(2)SG6\" ) flag++;\nelse if ( ver == \"15.1(2)SG7\" ) flag++;\nelse if ( ver == \"15.1(2)SNG\" ) flag++;\nelse if ( ver == \"15.1(2)SNH\" ) flag++;\nelse if ( ver == \"15.1(2)SNH1\" ) flag++;\nelse if ( ver == \"15.1(2)SNI\" ) flag++;\nelse if ( ver == \"15.1(2)SNI1\" ) flag++;\nelse if ( ver == \"15.1(2)SY\" ) flag++;\nelse if ( ver == \"15.1(2)SY1\" ) flag++;\nelse if ( ver == \"15.1(2)SY2\" ) flag++;\nelse if ( ver == \"15.1(2)SY3\" ) flag++;\nelse if ( ver == \"15.1(2)SY4\" ) flag++;\nelse if ( ver == \"15.1(2)SY4a\" ) flag++;\nelse if ( ver == \"15.1(2)SY5\" ) flag++;\nelse if ( ver == \"15.1(2)SY6\" ) flag++;\nelse if ( ver == \"15.1(2)SY7\" ) flag++;\nelse if ( ver == \"15.1(2)T\" ) flag++;\nelse if ( ver == \"15.1(2)T0a\" ) flag++;\nelse if ( ver == \"15.1(2)T1\" ) flag++;\nelse if ( ver == \"15.1(2)T2\" ) flag++;\nelse if ( ver == \"15.1(2)T2a\" ) flag++;\nelse if ( ver == \"15.1(2)T3\" ) flag++;\nelse if ( ver == \"15.1(2)T4\" ) flag++;\nelse if ( ver == \"15.1(2)T5\" ) flag++;\nelse if ( ver == \"15.1(3)MR\" ) flag++;\nelse if ( ver == \"15.1(3)MRA\" ) flag++;\nelse if ( ver == \"15.1(3)MRA1\" ) flag++;\nelse if ( ver == \"15.1(3)MRA2\" ) flag++;\nelse if ( ver == \"15.1(3)MRA3\" ) flag++;\nelse if ( ver == \"15.1(3)MRA4\" ) flag++;\nelse if ( ver == \"15.1(3)S\" ) flag++;\nelse if ( ver == \"15.1(3)S0a\" ) flag++;\nelse if ( ver == \"15.1(3)S1\" ) flag++;\nelse if ( ver == \"15.1(3)S2\" ) flag++;\nelse if ( ver == \"15.1(3)S3\" ) flag++;\nelse if ( ver == \"15.1(3)S4\" ) flag++;\nelse if ( ver == \"15.1(3)S5\" ) flag++;\nelse if ( ver == \"15.1(3)S5a\" ) flag++;\nelse if ( ver == \"15.1(3)S6\" ) flag++;\nelse if ( ver == \"15.1(3)S7\" ) flag++;\nelse if ( ver == \"15.1(3)SVB1\" ) flag++;\nelse if ( ver == \"15.1(3)SVD\" ) flag++;\nelse if ( ver == \"15.1(3)SVD1\" ) flag++;\nelse if ( ver == \"15.1(3)SVD2\" ) flag++;\nelse if ( ver == \"15.1(3)SVD3\" ) flag++;\nelse if ( ver == \"15.1(3)SVE\" ) flag++;\nelse if ( ver == \"15.1(3)SVF\" ) flag++;\nelse if ( ver == \"15.1(3)SVF1\" ) flag++;\nelse if ( ver == \"15.1(3)SVF2\" ) flag++;\nelse if ( ver == \"15.1(3)SVF2a\" ) flag++;\nelse if ( ver == \"15.1(3)SVF4a\" ) flag++;\nelse if ( ver == \"15.1(3)SVF4b\" ) flag++;\nelse if ( ver == \"15.1(3)SVF4d\" ) flag++;\nelse if ( ver == \"15.1(3)SVG1c\" ) flag++;\nelse if ( ver == \"15.1(3)SVG2\" ) flag++;\nelse if ( ver == \"15.1(3)SVG2a\" ) flag++;\nelse if ( ver == \"15.1(3)SVG3\" ) flag++;\nelse if ( ver == \"15.1(3)SVG3a\" ) flag++;\nelse if ( ver == \"15.1(3)SVG3b\" ) flag++;\nelse if ( ver == \"15.1(3)SVG3c\" ) flag++;\nelse if ( ver == \"15.1(3)SVH\" ) flag++;\nelse if ( ver == \"15.1(3)SVH2\" ) flag++;\nelse if ( ver == \"15.1(3)SVH4\" ) flag++;\nelse if ( ver == \"15.1(3)SVI\" ) flag++;\nelse if ( ver == \"15.1(3)SVI1\" ) flag++;\nelse if ( ver == \"15.1(3)SVI1a\" ) flag++;\nelse if ( ver == \"15.1(3)SVI2\" ) flag++;\nelse if ( ver == \"15.1(3)T\" ) flag++;\nelse if ( ver == \"15.1(3)T1\" ) flag++;\nelse if ( ver == \"15.1(3)T2\" ) flag++;\nelse if ( ver == \"15.1(3)T3\" ) flag++;\nelse if ( ver == \"15.1(3)T4\" ) flag++;\nelse if ( ver == \"15.1(4)GC\" ) flag++;\nelse if ( ver == \"15.1(4)GC1\" ) flag++;\nelse if ( ver == \"15.1(4)GC2\" ) flag++;\nelse if ( ver == \"15.1(4)M\" ) flag++;\nelse if ( ver == \"15.1(4)M0a\" ) flag++;\nelse if ( ver == \"15.1(4)M0b\" ) flag++;\nelse if ( ver == \"15.1(4)M1\" ) flag++;\nelse if ( ver == \"15.1(4)M10\" ) flag++;\nelse if ( ver == \"15.1(4)M11\" ) flag++;\nelse if ( ver == \"15.1(4)M12\" ) flag++;\nelse if ( ver == \"15.1(4)M12a\" ) flag++;\nelse if ( ver == \"15.1(4)M2\" ) flag++;\nelse if ( ver == \"15.1(4)M3\" ) flag++;\nelse if ( ver == \"15.1(4)M3a\" ) flag++;\nelse if ( ver == \"15.1(4)M4\" ) flag++;\nelse if ( ver == \"15.1(4)M5\" ) flag++;\nelse if ( ver == \"15.1(4)M6\" ) flag++;\nelse if ( ver == \"15.1(4)M7\" ) flag++;\nelse if ( ver == \"15.1(4)M8\" ) flag++;\nelse if ( ver == \"15.1(4)M9\" ) flag++;\nelse if ( ver == \"15.1(4)XB4\" ) flag++;\nelse if ( ver == \"15.1(4)XB5\" ) flag++;\nelse if ( ver == \"15.1(4)XB5a\" ) flag++;\nelse if ( ver == \"15.1(4)XB6\" ) flag++;\nelse if ( ver == \"15.1(4)XB7\" ) flag++;\nelse if ( ver == \"15.1(4)XB8\" ) flag++;\nelse if ( ver == \"15.1(4)XB8a\" ) flag++;\nelse if ( ver == \"15.2(1)E\" ) flag++;\nelse if ( ver == \"15.2(1)E1\" ) flag++;\nelse if ( ver == \"15.2(1)E2\" ) flag++;\nelse if ( ver == \"15.2(1)E3\" ) flag++;\nelse if ( ver == \"15.2(1)EY\" ) flag++;\nelse if ( ver == \"15.2(1)EY1\" ) flag++;\nelse if ( ver == \"15.2(1)EY2\" ) flag++;\nelse if ( ver == \"15.2(1)GC\" ) flag++;\nelse if ( ver == \"15.2(1)GC1\" ) flag++;\nelse if ( ver == \"15.2(1)GC2\" ) flag++;\nelse if ( ver == \"15.2(1)S\" ) flag++;\nelse if ( ver == \"15.2(1)S1\" ) flag++;\nelse if ( ver == \"15.2(1)S2\" ) flag++;\nelse if ( ver == \"15.2(1)SC1a\" ) flag++;\nelse if ( ver == \"15.2(1)SC2\" ) flag++;\nelse if ( ver == \"15.2(1)SD1\" ) flag++;\nelse if ( ver == \"15.2(1)SD2\" ) flag++;\nelse if ( ver == \"15.2(1)SD3\" ) flag++;\nelse if ( ver == \"15.2(1)SD4\" ) flag++;\nelse if ( ver == \"15.2(1)SD6\" ) flag++;\nelse if ( ver == \"15.2(1)SD6a\" ) flag++;\nelse if ( ver == \"15.2(1)SD8\" ) flag++;\nelse if ( ver == \"15.2(1)SY\" ) flag++;\nelse if ( ver == \"15.2(1)SY0a\" ) flag++;\nelse if ( ver == \"15.2(1)SY1\" ) flag++;\nelse if ( ver == \"15.2(1)SY1a\" ) flag++;\nelse if ( ver == \"15.2(1)SY2\" ) flag++;\nelse if ( ver == \"15.2(1)T\" ) flag++;\nelse if ( ver == \"15.2(1)T1\" ) flag++;\nelse if ( ver == \"15.2(1)T2\" ) flag++;\nelse if ( ver == \"15.2(1)T3\" ) flag++;\nelse if ( ver == \"15.2(1)T3a\" ) flag++;\nelse if ( ver == \"15.2(1)T4\" ) flag++;\nelse if ( ver == \"15.2(2a)E1\" ) flag++;\nelse if ( ver == \"15.2(2b)E\" ) flag++;\nelse if ( ver == \"15.2(2)E\" ) flag++;\nelse if ( ver == \"15.2(2)E1\" ) flag++;\nelse if ( ver == \"15.2(2)E2\" ) flag++;\nelse if ( ver == \"15.2(2)E4\" ) flag++;\nelse if ( ver == \"15.2(2)EA1\" ) flag++;\nelse if ( ver == \"15.2(2)EA2\" ) flag++;\nelse if ( ver == \"15.2(2)EA3\" ) flag++;\nelse if ( ver == \"15.2(2)EB\" ) flag++;\nelse if ( ver == \"15.2(2)EB1\" ) flag++;\nelse if ( ver == \"15.2(2)EB2\" ) flag++;\nelse if ( ver == \"15.2(2)GC\" ) flag++;\nelse if ( ver == \"15.2(2)JA\" ) flag++;\nelse if ( ver == \"15.2(2)JA1\" ) flag++;\nelse if ( ver == \"15.2(2)JAX\" ) flag++;\nelse if ( ver == \"15.2(2)JAX1\" ) flag++;\nelse if ( ver == \"15.2(2)JB\" ) flag++;\nelse if ( ver == \"15.2(2)JB1\" ) flag++;\nelse if ( ver == \"15.2(2)JB2\" ) flag++;\nelse if ( ver == \"15.2(2)JB3\" ) flag++;\nelse if ( ver == \"15.2(2)JB4\" ) flag++;\nelse if ( ver == \"15.2(2)JB5\" ) flag++;\nelse if ( ver == \"15.2(2)JN1\" ) flag++;\nelse if ( ver == \"15.2(2)JN2\" ) flag++;\nelse if ( ver == \"15.2(2)S\" ) flag++;\nelse if ( ver == \"15.2(2)S0a\" ) flag++;\nelse if ( ver == \"15.2(2)S0c\" ) flag++;\nelse if ( ver == \"15.2(2)S0d\" ) flag++;\nelse if ( ver == \"15.2(2)S1\" ) flag++;\nelse if ( ver == \"15.2(2)S2\" ) flag++;\nelse if ( ver == \"15.2(2)SC\" ) flag++;\nelse if ( ver == \"15.2(2)SNG\" ) flag++;\nelse if ( ver == \"15.2(2)SNH\" ) flag++;\nelse if ( ver == \"15.2(2)SNH1\" ) flag++;\nelse if ( ver == \"15.2(2)SNI\" ) flag++;\nelse if ( ver == \"15.2(2)SY\" ) flag++;\nelse if ( ver == \"15.2(2)SY1\" ) flag++;\nelse if ( ver == \"15.2(2)T\" ) flag++;\nelse if ( ver == \"15.2(2)T1\" ) flag++;\nelse if ( ver == \"15.2(2)T2\" ) flag++;\nelse if ( ver == \"15.2(2)T3\" ) flag++;\nelse if ( ver == \"15.2(2)T4\" ) flag++;\nelse if ( ver == \"15.2(3a)E\" ) flag++;\nelse if ( ver == \"15.2(3)E\" ) flag++;\nelse if ( ver == \"15.2(3)E1\" ) flag++;\nelse if ( ver == \"15.2(3)E2\" ) flag++;\nelse if ( ver == \"15.2(3)E3\" ) flag++;\nelse if ( ver == \"15.2(3)EA\" ) flag++;\nelse if ( ver == \"15.2(3)GC\" ) flag++;\nelse if ( ver == \"15.2(3)GC1\" ) flag++;\nelse if ( ver == \"15.2(3)GCA\" ) flag++;\nelse if ( ver == \"15.2(3)GCA1\" ) flag++;\nelse if ( ver == \"15.2(3m)E2\" ) flag++;\nelse if ( ver == \"15.2(3m)E3\" ) flag++;\nelse if ( ver == \"15.2(3m)E5\" ) flag++;\nelse if ( ver == \"15.2(3m)E7\" ) flag++;\nelse if ( ver == \"15.2(3m)E8\" ) flag++;\nelse if ( ver == \"15.2(3)T\" ) flag++;\nelse if ( ver == \"15.2(3)T1\" ) flag++;\nelse if ( ver == \"15.2(3)T2\" ) flag++;\nelse if ( ver == \"15.2(3)T3\" ) flag++;\nelse if ( ver == \"15.2(3)T4\" ) flag++;\nelse if ( ver == \"15.2(3)XA\" ) flag++;\nelse if ( ver == \"15.2(4)E\" ) flag++;\nelse if ( ver == \"15.2(4)E1\" ) flag++;\nelse if ( ver == \"15.2(4)EA\" ) flag++;\nelse if ( ver == \"15.2(4)EA1\" ) flag++;\nelse if ( ver == \"15.2(4)EA2\" ) flag++;\nelse if ( ver == \"15.2(4)EA3\" ) flag++;\nelse if ( ver == \"15.2(4)GC\" ) flag++;\nelse if ( ver == \"15.2(4)GC1\" ) flag++;\nelse if ( ver == \"15.2(4)GC2\" ) flag++;\nelse if ( ver == \"15.2(4)GC3\" ) flag++;\nelse if ( ver == \"15.2(4)JA\" ) flag++;\nelse if ( ver == \"15.2(4)JA1\" ) flag++;\nelse if ( ver == \"15.2(4)JAZ\" ) flag++;\nelse if ( ver == \"15.2(4)JB\" ) flag++;\nelse if ( ver == \"15.2(4)JB1\" ) flag++;\nelse if ( ver == \"15.2(4)JB2\" ) flag++;\nelse if ( ver == \"15.2(4)JB3\" ) flag++;\nelse if ( ver == \"15.2(4)JB3a\" ) flag++;\nelse if ( ver == \"15.2(4)JB3b\" ) flag++;\nelse if ( ver == \"15.2(4)JB3h\" ) flag++;\nelse if ( ver == \"15.2(4)JB3s\" ) flag++;\nelse if ( ver == \"15.2(4)JB4\" ) flag++;\nelse if ( ver == \"15.2(4)JB5\" ) flag++;\nelse if ( ver == \"15.2(4)JB50\" ) flag++;\nelse if ( ver == \"15.2(4)JB50a\" ) flag++;\nelse if ( ver == \"15.2(4)JB5h\" ) flag++;\nelse if ( ver == \"15.2(4)JB5m\" ) flag++;\nelse if ( ver == \"15.2(4)JB6\" ) flag++;\nelse if ( ver == \"15.2(4)JB7\" ) flag++;\nelse if ( ver == \"15.2(4)JN\" ) flag++;\nelse if ( ver == \"15.2(4)M\" ) flag++;\nelse if ( ver == \"15.2(4)M1\" ) flag++;\nelse if ( ver == \"15.2(4)M10\" ) flag++;\nelse if ( ver == \"15.2(4)M11\" ) flag++;\nelse if ( ver == \"15.2(4)M2\" ) flag++;\nelse if ( ver == \"15.2(4)M3\" ) flag++;\nelse if ( ver == \"15.2(4)M4\" ) flag++;\nelse if ( ver == \"15.2(4)M5\" ) flag++;\nelse if ( ver == \"15.2(4)M6\" ) flag++;\nelse if ( ver == \"15.2(4)M6a\" ) flag++;\nelse if ( ver == \"15.2(4)M6b\" ) flag++;\nelse if ( ver == \"15.2(4)M7\" ) flag++;\nelse if ( ver == \"15.2(4)M8\" ) flag++;\nelse if ( ver == \"15.2(4)M9\" ) flag++;\nelse if ( ver == \"15.2(4m)E1\" ) flag++;\nelse if ( ver == \"15.2(4)S\" ) flag++;\nelse if ( ver == \"15.2(4)S0c\" ) flag++;\nelse if ( ver == \"15.2(4)S1\" ) flag++;\nelse if ( ver == \"15.2(4)S1c\" ) flag++;\nelse if ( ver == \"15.2(4)S2\" ) flag++;\nelse if ( ver == \"15.2(4)S3\" ) flag++;\nelse if ( ver == \"15.2(4)S3a\" ) flag++;\nelse if ( ver == \"15.2(4)S4\" ) flag++;\nelse if ( ver == \"15.2(4)S4a\" ) flag++;\nelse if ( ver == \"15.2(4)S5\" ) flag++;\nelse if ( ver == \"15.2(4)S6\" ) flag++;\nelse if ( ver == \"15.2(4)S7\" ) flag++;\nelse if ( ver == \"15.2(4)S8\" ) flag++;\nelse if ( ver == \"15.2(4)XB10\" ) flag++;\nelse if ( ver == \"15.2(4)XB11\" ) flag++;\nelse if ( ver == \"15.3(0)SY\" ) flag++;\nelse if ( ver == \"15.3(1)S\" ) flag++;\nelse if ( ver == \"15.3(1)S1\" ) flag++;\nelse if ( ver == \"15.3(1)S1e\" ) flag++;\nelse if ( ver == \"15.3(1)S2\" ) flag++;\nelse if ( ver == \"15.3(1)SY\" ) flag++;\nelse if ( ver == \"15.3(1)T\" ) flag++;\nelse if ( ver == \"15.3(1)T1\" ) flag++;\nelse if ( ver == \"15.3(1)T2\" ) flag++;\nelse if ( ver == \"15.3(1)T3\" ) flag++;\nelse if ( ver == \"15.3(1)T4\" ) flag++;\nelse if ( ver == \"15.3(2)S\" ) flag++;\nelse if ( ver == \"15.3(2)S0a\" ) flag++;\nelse if ( ver == \"15.3(2)S1\" ) flag++;\nelse if ( ver == \"15.3(2)S2\" ) flag++;\nelse if ( ver == \"15.3(2)T\" ) flag++;\nelse if ( ver == \"15.3(2)T1\" ) flag++;\nelse if ( ver == \"15.3(2)T2\" ) flag++;\nelse if ( ver == \"15.3(2)T3\" ) flag++;\nelse if ( ver == \"15.3(2)T4\" ) flag++;\nelse if ( ver == \"15.3(3)JA\" ) flag++;\nelse if ( ver == \"15.3(3)JA1\" ) flag++;\nelse if ( ver == \"15.3(3)JA100\" ) flag++;\nelse if ( ver == \"15.3(3)JA1m\" ) flag++;\nelse if ( ver == \"15.3(3)JA1n\" ) flag++;\nelse if ( ver == \"15.3(3)JA2\" ) flag++;\nelse if ( ver == \"15.3(3)JA3\" ) flag++;\nelse if ( ver == \"15.3(3)JA4\" ) flag++;\nelse if ( ver == \"15.3(3)JA5\" ) flag++;\nelse if ( ver == \"15.3(3)JA6\" ) flag++;\nelse if ( ver == \"15.3(3)JA7\" ) flag++;\nelse if ( ver == \"15.3(3)JA75\" ) flag++;\nelse if ( ver == \"15.3(3)JA77\" ) flag++;\nelse if ( ver == \"15.3(3)JA8\" ) flag++;\nelse if ( ver == \"15.3(3)JA9\" ) flag++;\nelse if ( ver == \"15.3(3)JAA\" ) flag++;\nelse if ( ver == \"15.3(3)JAB\" ) flag++;\nelse if ( ver == \"15.3(3)JAX\" ) flag++;\nelse if ( ver == \"15.3(3)JAX1\" ) flag++;\nelse if ( ver == \"15.3(3)JAX2\" ) flag++;\nelse if ( ver == \"15.3(3)JB\" ) flag++;\nelse if ( ver == \"15.3(3)JB75\" ) flag++;\nelse if ( ver == \"15.3(3)JBB\" ) flag++;\nelse if ( ver == \"15.3(3)JBB1\" ) flag++;\nelse if ( ver == \"15.3(3)JBB2\" ) flag++;\nelse if ( ver == \"15.3(3)JBB4\" ) flag++;\nelse if ( ver == \"15.3(3)JBB5\" ) flag++;\nelse if ( ver == \"15.3(3)JBB50\" ) flag++;\nelse if ( ver == \"15.3(3)JBB6\" ) flag++;\nelse if ( ver == \"15.3(3)JBB6a\" ) flag++;\nelse if ( ver == \"15.3(3)JBB8\" ) flag++;\nelse if ( ver == \"15.3(3)JC\" ) flag++;\nelse if ( ver == \"15.3(3)JC30\" ) flag++;\nelse if ( ver == \"15.3(3)JN3\" ) flag++;\nelse if ( ver == \"15.3(3)JN4\" ) flag++;\nelse if ( ver == \"15.3(3)JN6\" ) flag++;\nelse if ( ver == \"15.3(3)JN7\" ) flag++;\nelse if ( ver == \"15.3(3)JN8\" ) flag++;\nelse if ( ver == \"15.3(3)JNB\" ) flag++;\nelse if ( ver == \"15.3(3)JNB1\" ) flag++;\nelse if ( ver == \"15.3(3)JNB2\" ) flag++;\nelse if ( ver == \"15.3(3)JNB3\" ) flag++;\nelse if ( ver == \"15.3(3)JNC\" ) flag++;\nelse if ( ver == \"15.3(3)JNC1\" ) flag++;\nelse if ( ver == \"15.3(3)JNP\" ) flag++;\nelse if ( ver == \"15.3(3)JNP1\" ) flag++;\nelse if ( ver == \"15.3(3)M\" ) flag++;\nelse if ( ver == \"15.3(3)M1\" ) flag++;\nelse if ( ver == \"15.3(3)M2\" ) flag++;\nelse if ( ver == \"15.3(3)M3\" ) flag++;\nelse if ( ver == \"15.3(3)M4\" ) flag++;\nelse if ( ver == \"15.3(3)M5\" ) flag++;\nelse if ( ver == \"15.3(3)M6\" ) flag++;\nelse if ( ver == \"15.3(3)M7\" ) flag++;\nelse if ( ver == \"15.3(3)S\" ) flag++;\nelse if ( ver == \"15.3(3)S1\" ) flag++;\nelse if ( ver == \"15.3(3)S1a\" ) flag++;\nelse if ( ver == \"15.3(3)S2\" ) flag++;\nelse if ( ver == \"15.3(3)S2a\" ) flag++;\nelse if ( ver == \"15.3(3)S3\" ) flag++;\nelse if ( ver == \"15.3(3)S4\" ) flag++;\nelse if ( ver == \"15.3(3)S5\" ) flag++;\nelse if ( ver == \"15.3(3)S6\" ) flag++;\nelse if ( ver == \"15.3(3)S6a\" ) flag++;\nelse if ( ver == \"15.3(3)S7\" ) flag++;\nelse if ( ver == \"15.3(3)XB12\" ) flag++;\nelse if ( ver == \"15.4(1)CG\" ) flag++;\nelse if ( ver == \"15.4(1)CG1\" ) flag++;\nelse if ( ver == \"15.4(1)S\" ) flag++;\nelse if ( ver == \"15.4(1)S1\" ) flag++;\nelse if ( ver == \"15.4(1)S2\" ) flag++;\nelse if ( ver == \"15.4(1)S3\" ) flag++;\nelse if ( ver == \"15.4(1)S4\" ) flag++;\nelse if ( ver == \"15.4(1)T\" ) flag++;\nelse if ( ver == \"15.4(1)T1\" ) flag++;\nelse if ( ver == \"15.4(1)T2\" ) flag++;\nelse if ( ver == \"15.4(1)T3\" ) flag++;\nelse if ( ver == \"15.4(1)T4\" ) flag++;\nelse if ( ver == \"15.4(2)CG\" ) flag++;\nelse if ( ver == \"15.4(2)S\" ) flag++;\nelse if ( ver == \"15.4(2)S1\" ) flag++;\nelse if ( ver == \"15.4(2)S2\" ) flag++;\nelse if ( ver == \"15.4(2)S3\" ) flag++;\nelse if ( ver == \"15.4(2)S4\" ) flag++;\nelse if ( ver == \"15.4(2)SN\" ) flag++;\nelse if ( ver == \"15.4(2)SN1\" ) flag++;\nelse if ( ver == \"15.4(2)T\" ) flag++;\nelse if ( ver == \"15.4(2)T1\" ) flag++;\nelse if ( ver == \"15.4(2)T2\" ) flag++;\nelse if ( ver == \"15.4(2)T3\" ) flag++;\nelse if ( ver == \"15.4(2)T4\" ) flag++;\nelse if ( ver == \"15.4(3)M\" ) flag++;\nelse if ( ver == \"15.4(3)M1\" ) flag++;\nelse if ( ver == \"15.4(3)M2\" ) flag++;\nelse if ( ver == \"15.4(3)M3\" ) flag++;\nelse if ( ver == \"15.4(3)M4\" ) flag++;\nelse if ( ver == \"15.4(3)M5\" ) flag++;\nelse if ( ver == \"15.4(3)S\" ) flag++;\nelse if ( ver == \"15.4(3)S0d\" ) flag++;\nelse if ( ver == \"15.4(3)S0e\" ) flag++;\nelse if ( ver == \"15.4(3)S1\" ) flag++;\nelse if ( ver == \"15.4(3)S2\" ) flag++;\nelse if ( ver == \"15.4(3)S3\" ) flag++;\nelse if ( ver == \"15.4(3)S4\" ) flag++;\nelse if ( ver == \"15.4(3)S5\" ) flag++;\nelse if ( ver == \"15.4(3)SN1\" ) flag++;\nelse if ( ver == \"15.5(1)S\" ) flag++;\nelse if ( ver == \"15.5(1)S1\" ) flag++;\nelse if ( ver == \"15.5(1)S2\" ) flag++;\nelse if ( ver == \"15.5(1)S3\" ) flag++;\nelse if ( ver == \"15.5(1)SN\" ) flag++;\nelse if ( ver == \"15.5(1)SN1\" ) flag++;\nelse if ( ver == \"15.5(1)T\" ) flag++;\nelse if ( ver == \"15.5(1)T1\" ) flag++;\nelse if ( ver == \"15.5(1)T2\" ) flag++;\nelse if ( ver == \"15.5(1)T3\" ) flag++;\nelse if ( ver == \"15.5(1)T4\" ) flag++;\nelse if ( ver == \"15.5(2)S\" ) flag++;\nelse if ( ver == \"15.5(2)S1\" ) flag++;\nelse if ( ver == \"15.5(2)S2\" ) flag++;\nelse if ( ver == \"15.5(2)S3\" ) flag++;\nelse if ( ver == \"15.5(2)SN\" ) flag++;\nelse if ( ver == \"15.5(2)SN0a\" ) flag++;\nelse if ( ver == \"15.5(2)T\" ) flag++;\nelse if ( ver == \"15.5(2)T1\" ) flag++;\nelse if ( ver == \"15.5(2)T2\" ) flag++;\nelse if ( ver == \"15.5(2)T3\" ) flag++;\nelse if ( ver == \"15.5(2)T4\" ) flag++;\nelse if ( ver == \"15.5(2)XB\" ) flag++;\nelse if ( ver == \"15.5(3)M\" ) flag++;\nelse if ( ver == \"15.5(3)M0a\" ) flag++;\nelse if ( ver == \"15.5(3)M1\" ) flag++;\nelse if ( ver == \"15.5(3)M2\" ) flag++;\nelse if ( ver == \"15.5(3)M2a\" ) flag++;\nelse if ( ver == \"15.5(3)S\" ) flag++;\nelse if ( ver == \"15.5(3)S0a\" ) flag++;\nelse if ( ver == \"15.5(3)S1\" ) flag++;\nelse if ( ver == \"15.5(3)S1a\" ) flag++;\nelse if ( ver == \"15.5(3)S2\" ) flag++;\nelse if ( ver == \"15.5(3)SN\" ) flag++;\nelse if ( ver == \"15.5(3)SN0a\" ) flag++;\nelse if ( ver == \"15.6(1)S\" ) flag++;\nelse if ( ver == \"15.6(1)S1\" ) flag++;\nelse if ( ver == \"15.6(1)SN\" ) flag++;\nelse if ( ver == \"15.6(1)SN1\" ) flag++;\nelse if ( ver == \"15.6(1)T\" ) flag++;\nelse if ( ver == \"15.6(1)T0a\" ) flag++;\nelse if ( ver == \"15.6(1)T1\" ) flag++;\nelse if ( ver == \"15.6(2)S\" ) flag++;\nelse if ( ver == \"15.6(2)SN\" ) flag++;\n\nif(!flag)\n audit(AUDIT_INST_VER_NOT_VULN, ver);\n\n# Check that IKEv1 config or IKEv1 is running\nif (get_kb_item(\"Host/local_checks_enabled\"))\n{\n flag = 0;\n\n # Check for condition 1, IKEv1 config\n buf = cisco_command_kb_item(\"Host/Cisco/Config/show_running-config\",\"show running-config\");\n if (check_cisco_result(buf))\n {\n if ( \"crypto isakmp fragmentation\" >< buf )\n {\n flag = 1;\n cmds = make_list('show running-config');\n }\n }\n else if (cisco_needs_enable(buf))\n {\n flag = 1;\n override = 1;\n }\n\n # Check for condition 2, IKEv1 is running\n if (flag)\n {\n flag = 0;\n\n pat = \"(\\d+.\\d+.\\d+.\\d+|.*:.*|UNKNOWN|--any--)\\s+(500|4500)\\s\";\n buf = cisco_command_kb_item(\"Host/Cisco/Config/show_ip_sockets\",\"show ip sockets\");\n if (!flag)\n {\n if (check_cisco_result(buf))\n {\n if (preg(multiline:TRUE, pattern:pat, string:buf)) \n {\n flag = 1;\n cmds = make_list(cmds, 'show ip sockets');\n }\n }\n else if (cisco_needs_enable(buf))\n {\n flag = 1;\n override = 1;\n }\n }\n\n if (!flag)\n {\n buf = cisco_command_kb_item(\"Host/Cisco/Config/show_udp\",\"show udp\");\n if (check_cisco_result(buf))\n {\n if (preg(multiline:TRUE, pattern:pat, string:buf))\n {\n flag = 1;\n cmds = make_list(cmds, 'show udp');\n }\n }\n else if (cisco_needs_enable(buf))\n {\n flag = 1;\n override = 1;\n }\n }\n }\n}\n\nif (flag)\n{\n security_report_cisco(\n port : 0,\n severity : SECURITY_HOLE,\n override : override,\n version : ver,\n bug_id : 'CSCuy47382',\n cmds : cmds\n );\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "CISCO", "pluginID": "94762", "cpe": ["cpe:/o:cisco:ios"], "scheme": null, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}}
{"cve": [{"lastseen": "2021-02-02T06:28:10", "description": "Cisco IOS 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.18 and 16.1 allow remote attackers to cause a denial of service (memory consumption or device reload) via fragmented IKEv1 packets, aka Bug ID CSCuy47382.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-10-05T17:59:00", "title": "CVE-2016-6381", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6381"], "modified": "2020-09-29T12:12:00", "cpe": ["cpe:/o:cisco:ios:15.2\\(2\\)e1", "cpe:/o:cisco:ios:15.4\\(2\\)t", "cpe:/o:cisco:ios_xe:3.4.2s", "cpe:/o:cisco:ios:15.2\\(3m\\)e2", "cpe:/o:cisco:ios_xe:3.5.3e", "cpe:/o:cisco:ios:15.2\\(4\\)jb3b", "cpe:/o:cisco:ios:15.0\\(2\\)ex2", "cpe:/o:cisco:ios_xe:3.5.1s", "cpe:/o:cisco:ios_xe:3.9.0s", "cpe:/o:cisco:ios:15.3\\(3\\)ja1n", "cpe:/o:cisco:ios:15.1\\(3\\)t1", "cpe:/o:cisco:ios:15.0\\(1\\)xa3", "cpe:/o:cisco:ios_xe:3.16.0cs", "cpe:/o:cisco:ios:15.1\\(2\\)ey3", "cpe:/o:cisco:ios:15.3\\(3\\)jb75", "cpe:/o:cisco:ios:15.0\\(2\\)ey3", "cpe:/o:cisco:ios:15.0\\(2\\)ej1", "cpe:/o:cisco:ios:15.2\\(3\\)t4", "cpe:/o:cisco:ios:15.1\\(3\\)mr", "cpe:/o:cisco:ios:15.1\\(2\\)ey1a", "cpe:/o:cisco:ios_xe:3.10.3s", "cpe:/o:cisco:ios:15.3\\(3\\)jnb3", "cpe:/o:cisco:ios:15.1\\(2\\)sng", "cpe:/o:cisco:ios:12.4\\(22\\)xr6", "cpe:/o:cisco:ios_xe:3.8.0e", "cpe:/o:cisco:ios:12.4\\(24\\)mda1", "cpe:/o:cisco:ios_xe:3.7.3s", "cpe:/o:cisco:ios:15.1\\(2\\)s1", "cpe:/o:cisco:ios:12.4\\(22\\)xr11", "cpe:/o:cisco:ios:12.4\\(24\\)mda12", "cpe:/o:cisco:ios:15.3\\(3\\)jax", "cpe:/o:cisco:ios:15.1\\(1\\)s1", "cpe:/o:cisco:ios:15.5\\(3\\)m2", "cpe:/o:cisco:ios:15.2\\(2\\)e2", "cpe:/o:cisco:ios_xe:3.12.0s", "cpe:/o:cisco:ios_xe:3.7.4s", "cpe:/o:cisco:ios:15.2\\(4\\)m1", "cpe:/o:cisco:ios:15.4\\(2\\)s2", "cpe:/o:cisco:ios:15.3\\(3\\)jnb2", "cpe:/o:cisco:ios_xe:3.13.2as", "cpe:/o:cisco:ios:15.6\\(1\\)s", "cpe:/o:cisco:ios:12.4\\(24\\)mda7", "cpe:/o:cisco:ios:15.3\\(3\\)jn4", "cpe:/o:cisco:ios:15.1\\(2\\)sy6", "cpe:/o:cisco:ios:15.2\\(2\\)t1", "cpe:/o:cisco:ios:15.0\\(1\\)m10", "cpe:/o:cisco:ios:15.4\\(3\\)m2", "cpe:/o:cisco:ios:15.0\\(2\\)ex3", "cpe:/o:cisco:ios:12.4\\(24\\)t4f", "cpe:/o:cisco:ios:12.4\\(24\\)gc3", "cpe:/o:cisco:ios:15.3\\(3\\)s1a", "cpe:/o:cisco:ios:12.4\\(24\\)mda6", "cpe:/o:cisco:ios:12.4\\(24\\)ye5", "cpe:/o:cisco:ios:12.4\\(22\\)mda5", "cpe:/o:cisco:ios:15.3\\(1\\)t3", "cpe:/o:cisco:ios:15.1\\(2\\)t2", "cpe:/o:cisco:ios_xe_3.4sg:3.4.5sg", "cpe:/o:cisco:ios:12.4\\(15\\)t17", "cpe:/o:cisco:ios:15.2\\(1\\)gc1", "cpe:/o:cisco:ios:15.4\\(2\\)t4", "cpe:/o:cisco:ios:15.2\\(4\\)s6", "cpe:/o:cisco:ios:15.1\\(4\\)m9", "cpe:/o:cisco:ios:15.1\\(2\\)sy4a", "cpe:/o:cisco:ios:12.4\\(24\\)mdb19", "cpe:/o:cisco:ios:15.2\\(4\\)jb5", "cpe:/o:cisco:ios_xe:3.4.4s", "cpe:/o:cisco:ios:12.4\\(24\\)md1", "cpe:/o:cisco:ios:15.2\\(2\\)ja", "cpe:/o:cisco:ios:15.1\\(4\\)m2", "cpe:/o:cisco:ios_xe:3.10.1s", "cpe:/o:cisco:ios:15.1\\(1\\)sg", "cpe:/o:cisco:ios:15.5\\(2\\)s", "cpe:/o:cisco:ios:15.1\\(3\\)t", "cpe:/o:cisco:ios:15.1\\(4\\)m7", "cpe:/o:cisco:ios:15.3\\(3\\)ja4", "cpe:/o:cisco:ios:15.1\\(2\\)gc", "cpe:/o:cisco:ios_xe:3.11.4s", "cpe:/o:cisco:ios_xe:3.10.4s", "cpe:/o:cisco:ios:15.5\\(1\\)s", "cpe:/o:cisco:ios:15.2\\(4\\)jb3", "cpe:/o:cisco:ios:15.0\\(2\\)ek", "cpe:/o:cisco:ios:15.3\\(1\\)t", "cpe:/o:cisco:ios_xe:3.7.1e", "cpe:/o:cisco:ios_xe:3.5.2s", "cpe:/o:cisco:ios:15.0\\(2\\)se2", "cpe:/o:cisco:ios:15.3\\(3\\)m3", "cpe:/o:cisco:ios:15.2\\(1\\)t1", "cpe:/o:cisco:ios:12.4\\(24\\)ye3e", "cpe:/o:cisco:ios:15.2\\(4\\)m", "cpe:/o:cisco:ios:15.1\\(2\\)t1", "cpe:/o:cisco:ios:15.3\\(3\\)m5", "cpe:/o:cisco:ios:15.2\\(4\\)s2", "cpe:/o:cisco:ios:12.4\\(22\\)ye1", "cpe:/o:cisco:ios:12.4\\(22\\)ye3", "cpe:/o:cisco:ios:15.2\\(4\\)s1", "cpe:/o:cisco:ios:12.4\\(20\\)t3", "cpe:/o:cisco:ios:12.4\\(15\\)t11", "cpe:/o:cisco:ios_xe:3.6.2s", "cpe:/o:cisco:ios_xe:3.6.3e", "cpe:/o:cisco:ios:15.1\\(2\\)t4", "cpe:/o:cisco:ios:15.3\\(3\\)jax1", "cpe:/o:cisco:ios:12.4\\(24\\)t3f", "cpe:/o:cisco:ios:15.3\\(3\\)s4", "cpe:/o:cisco:ios:15.2\\(2\\)jb5", "cpe:/o:cisco:ios:15.0\\(1\\)s", "cpe:/o:cisco:ios_xe:3.10.1xbs", "cpe:/o:cisco:ios:15.2\\(2\\)jax", "cpe:/o:cisco:ios:15.3\\(1\\)t2", "cpe:/o:cisco:ios_xe:3.7.2s", "cpe:/o:cisco:ios:15.0\\(1\\)s2", "cpe:/o:cisco:ios:15.4\\(1\\)t2", "cpe:/o:cisco:ios:15.2\\(3\\)e2", "cpe:/o:cisco:ios:15.4\\(2\\)s4", "cpe:/o:cisco:ios:15.1\\(2\\)sg2", "cpe:/o:cisco:ios_xe:3.13.2s", "cpe:/o:cisco:ios:15.2\\(2\\)sy1", "cpe:/o:cisco:ios:12.4\\(24\\)ye7", "cpe:/o:cisco:ios:12.4\\(20\\)mrb", "cpe:/o:cisco:ios_xe_3.3xo:3.3.1xo", "cpe:/o:cisco:ios:15.5\\(2\\)t2", "cpe:/o:cisco:ios:15.5\\(2\\)t", "cpe:/o:cisco:ios:15.2\\(2\\)s2", "cpe:/o:cisco:ios:12.4\\(24\\)t4c", "cpe:/o:cisco:ios_xe:3.5.0e", "cpe:/o:cisco:ios:15.1\\(2\\)sg", "cpe:/o:cisco:ios:12.4\\(22\\)yd2", "cpe:/o:cisco:ios:12.4\\(24\\)t5", "cpe:/o:cisco:ios:15.4\\(3\\)s1", "cpe:/o:cisco:ios:12.4\\(24\\)mdb6", "cpe:/o:cisco:ios:12.4\\(22\\)t4", "cpe:/o:cisco:ios_xe:3.7.2ts", "cpe:/o:cisco:ios:15.1\\(3\\)svd2", "cpe:/o:cisco:ios:15.3\\(2\\)t1", "cpe:/o:cisco:ios:12.4\\(15\\)t15", "cpe:/o:cisco:ios_xe:3.7.0e", "cpe:/o:cisco:ios_xe_3.3sg:3.3.0sg", "cpe:/o:cisco:ios:12.4\\(24\\)t4a", "cpe:/o:cisco:ios:15.6\\(1\\)t0a", "cpe:/o:cisco:ios_xe:3.13.1s", "cpe:/o:cisco:ios:15.3\\(3\\)m7", "cpe:/o:cisco:ios:12.4\\(24\\)t4b", "cpe:/o:cisco:ios:15.4\\(1\\)s", "cpe:/o:cisco:ios:15.5\\(2\\)t3", "cpe:/o:cisco:ios_xe:3.6.2e", "cpe:/o:cisco:ios_xe:3.3.2s", "cpe:/o:cisco:ios_xe:3.5.2e", "cpe:/o:cisco:ios:15.0\\(2\\)ey2", "cpe:/o:cisco:ios:15.3\\(2\\)t", "cpe:/o:cisco:ios:12.4\\(24\\)ye1", "cpe:/o:cisco:ios:15.4\\(1\\)t4", "cpe:/o:cisco:ios_xe:3.9.0as", "cpe:/o:cisco:ios_xe:3.12.3s", "cpe:/o:cisco:ios:15.3\\(3\\)s", "cpe:/o:cisco:ios:12.4\\(15\\)t10", "cpe:/o:cisco:ios:15.2\\(4\\)ja", "cpe:/o:cisco:ios_xe:3.4.6s", "cpe:/o:cisco:ios:15.5\\(3\\)m", "cpe:/o:cisco:ios:12.4\\(24\\)md2", "cpe:/o:cisco:ios_xe:3.2.1s", "cpe:/o:cisco:ios:15.1\\(1\\)s2", "cpe:/o:cisco:ios:15.2\\(2\\)sy", "cpe:/o:cisco:ios:15.0\\(1\\)m", "cpe:/o:cisco:ios:15.1\\(2\\)ey2", "cpe:/o:cisco:ios:12.4\\(24\\)ye3d", "cpe:/o:cisco:ios_xe:3.11.1s", "cpe:/o:cisco:ios:15.0\\(1\\)xa", "cpe:/o:cisco:ios:15.1\\(4\\)m8", "cpe:/o:cisco:ios:12.4\\(24\\)gc4", "cpe:/o:cisco:ios_xe:3.7.5s", "cpe:/o:cisco:ios:15.3\\(3\\)jbb6", "cpe:/o:cisco:ios:12.4\\(22\\)yb7", "cpe:/o:cisco:ios:15.2\\(4\\)gc1", "cpe:/o:cisco:ios:15.2\\(4\\)m2", "cpe:/o:cisco:ios:12.4\\(22\\)mda", "cpe:/o:cisco:ios:15.1\\(2\\)ey", "cpe:/o:cisco:ios:15.3\\(3\\)s3", "cpe:/o:cisco:ios:15.1\\(3\\)s", "cpe:/o:cisco:ios:15.2\\(3\\)t3", "cpe:/o:cisco:ios:15.3\\(2\\)t4", "cpe:/o:cisco:ios:15.1\\(1\\)t4", "cpe:/o:cisco:ios_xe:3.15.2s", "cpe:/o:cisco:ios_xe:3.12.4s", "cpe:/o:cisco:ios:15.2\\(4\\)s5", "cpe:/o:cisco:ios:12.4\\(24\\)mda8", "cpe:/o:cisco:ios:15.5\\(3\\)sn", "cpe:/o:cisco:ios:15.2\\(2\\)jb2", "cpe:/o:cisco:ios:15.2\\(2\\)ja1", "cpe:/o:cisco:ios:15.5\\(3\\)m1", "cpe:/o:cisco:ios_xe:3.10.7s", "cpe:/o:cisco:ios:15.2\\(3m\\)e8", "cpe:/o:cisco:ios:15.1\\(4\\)m10", "cpe:/o:cisco:ios:15.1\\(2\\)sg6", "cpe:/o:cisco:ios:15.2\\(4\\)jb5m", "cpe:/o:cisco:ios:15.1\\(2\\)sg7", "cpe:/o:cisco:ios:12.4\\(22\\)ye4", "cpe:/o:cisco:ios:12.4\\(22\\)mda4", "cpe:/o:cisco:ios_xe:3.6.1e", "cpe:/o:cisco:ios:15.4\\(1\\)s4", "cpe:/o:cisco:ios:15.6\\(1\\)t1", "cpe:/o:cisco:ios:15.2\\(4\\)m4", "cpe:/o:cisco:ios:15.2\\(4\\)s", "cpe:/o:cisco:ios:15.0\\(2\\)ex5", "cpe:/o:cisco:ios:15.3\\(3\\)jnp1", "cpe:/o:cisco:ios:12.4\\(24\\)md6", "cpe:/o:cisco:ios:15.2\\(1\\)e", "cpe:/o:cisco:ios:15.6\\(1\\)t", "cpe:/o:cisco:ios:15.2\\(4\\)jb3h", "cpe:/o:cisco:ios:15.1\\(3\\)svf4a", "cpe:/o:cisco:ios:12.4\\(24\\)yg4", "cpe:/o:cisco:ios_xe:3.16.1s", "cpe:/o:cisco:ios:12.4\\(22\\)t1", "cpe:/o:cisco:ios_xe:3.4.0as", "cpe:/o:cisco:ios:15.3\\(3\\)s6", "cpe:/o:cisco:ios:15.3\\(3\\)ja9", "cpe:/o:cisco:ios_xe:3.4.3s", "cpe:/o:cisco:ios:15.4\\(3\\)m1", "cpe:/o:cisco:ios:12.4\\(22\\)yb5", "cpe:/o:cisco:ios:12.4\\(24\\)mdb16", "cpe:/o:cisco:ios_xe_3.3sg:3.3.2sg", "cpe:/o:cisco:ios:15.4\\(1\\)t1", "cpe:/o:cisco:ios:12.4\\(24\\)mdb10", "cpe:/o:cisco:ios:12.4\\(24\\)t2", "cpe:/o:cisco:ios_xe:3.9.1as", "cpe:/o:cisco:ios:15.0\\(2\\)ex8", "cpe:/o:cisco:ios:15.1\\(2\\)t3", "cpe:/o:cisco:ios:15.4\\(1\\)cg1", "cpe:/o:cisco:ios:12.4\\(24\\)gc1", "cpe:/o:cisco:ios:15.2\\(2\\)jb3", "cpe:/o:cisco:ios:12.4\\(22\\)gc1", "cpe:/o:cisco:ios:15.2\\(1\\)sy1a", "cpe:/o:cisco:ios:15.2\\(2\\)t2", "cpe:/o:cisco:ios_xe:3.5.0s", "cpe:/o:cisco:ios:15.1\\(2\\)sy", "cpe:/o:cisco:ios_xe:3.17.1s", "cpe:/o:cisco:ios_xe:3.16.2s", "cpe:/o:cisco:ios:15.1\\(2\\)s", "cpe:/o:cisco:ios:12.4\\(24\\)t3e", "cpe:/o:cisco:ios:15.3\\(3\\)jaa", "cpe:/o:cisco:ios:15.0\\(1\\)s4a", "cpe:/o:cisco:ios:15.1\\(3\\)s4", "cpe:/o:cisco:ios:15.4\\(1\\)s2", "cpe:/o:cisco:ios:15.2\\(1\\)t", "cpe:/o:cisco:ios:15.5\\(1\\)t3", "cpe:/o:cisco:ios:15.4\\(2\\)cg", "cpe:/o:cisco:ios:15.3\\(3\\)jbb1", "cpe:/o:cisco:ios:15.3\\(3\\)s5", "cpe:/o:cisco:ios:15.5\\(1\\)t2", "cpe:/o:cisco:ios:15.3\\(3\\)jbb", "cpe:/o:cisco:ios:15.4\\(3\\)s2", "cpe:/o:cisco:ios:15.2\\(4\\)gc2", "cpe:/o:cisco:ios_xe:3.2.2s", "cpe:/o:cisco:ios:15.3\\(2\\)s", "cpe:/o:cisco:ios:15.1\\(1\\)t3", "cpe:/o:cisco:ios:12.4\\(24\\)mda4", "cpe:/o:cisco:ios:15.0\\(1\\)xa2", "cpe:/o:cisco:ios:15.1\\(1\\)sy1", "cpe:/o:cisco:ios:12.4\\(22\\)xr10", "cpe:/o:cisco:ios:15.0\\(1\\)m2", "cpe:/o:cisco:ios_xe:3.13.0s", "cpe:/o:cisco:ios:15.6\\(1\\)s1", "cpe:/o:cisco:ios:15.3\\(3\\)m4", "cpe:/o:cisco:ios:15.1\\(2\\)gc2", "cpe:/o:cisco:ios:15.2\\(2\\)eb1", "cpe:/o:cisco:ios:15.2\\(1\\)s2", "cpe:/o:cisco:ios:15.1\\(3\\)svd", "cpe:/o:cisco:ios:15.1\\(1\\)xb", "cpe:/o:cisco:ios:15.0\\(1\\)m1", "cpe:/o:cisco:ios:15.4\\(1\\)cg", "cpe:/o:cisco:ios:15.3\\(3\\)ja7", "cpe:/o:cisco:ios:12.4\\(24\\)ye2", "cpe:/o:cisco:ios:15.0\\(2\\)se9", "cpe:/o:cisco:ios:15.1\\(2\\)sni1", "cpe:/o:cisco:ios:12.4\\(24\\)mda11", "cpe:/o:cisco:ios:15.0\\(1\\)m8", "cpe:/o:cisco:ios:15.3\\(2\\)t3", "cpe:/o:cisco:ios:15.0\\(2a\\)ex5", "cpe:/o:cisco:ios_xe:3.14.0s", "cpe:/o:cisco:ios:15.4\\(3\\)m5", "cpe:/o:cisco:ios:12.4\\(22\\)md2", "cpe:/o:cisco:ios:12.4\\(24\\)mda2", "cpe:/o:cisco:ios:15.1\\(4\\)m6", "cpe:/o:cisco:ios:15.3\\(2\\)s2", "cpe:/o:cisco:ios:15.3\\(3\\)jnc", "cpe:/o:cisco:ios:15.4\\(2\\)s", "cpe:/o:cisco:ios:12.4\\(24\\)mdb5a", "cpe:/o:cisco:ios:15.2\\(2a\\)e1", "cpe:/o:cisco:ios:15.1\\(3\\)svf", "cpe:/o:cisco:ios:12.4\\(24\\)yg2", "cpe:/o:cisco:ios:15.3\\(3\\)jbb50", "cpe:/o:cisco:ios_xe:3.1.2s", "cpe:/o:cisco:ios:12.4\\(24\\)md", "cpe:/o:cisco:ios:12.4\\(22\\)xr1", "cpe:/o:cisco:ios:15.2\\(4\\)m10", "cpe:/o:cisco:ios:15.1\\(3\\)mra2", "cpe:/o:cisco:ios:15.0\\(2\\)ey", "cpe:/o:cisco:ios:15.2\\(4\\)m8", "cpe:/o:cisco:ios:12.4\\(22\\)yd4", "cpe:/o:cisco:ios:12.4\\(22\\)yd3", "cpe:/o:cisco:ios:12.4\\(24\\)mda10", "cpe:/o:cisco:ios:12.4\\(22\\)mda6", "cpe:/o:cisco:ios:12.4\\(22\\)yb1", "cpe:/o:cisco:ios:15.5\\(2\\)s1", "cpe:/o:cisco:ios_xe:3.8.0s", "cpe:/o:cisco:ios_xe:3.11.2s", "cpe:/o:cisco:ios:15.1\\(2\\)sy4", "cpe:/o:cisco:ios:15.1\\(4\\)gc1", "cpe:/o:cisco:ios:15.0\\(2a\\)se9", "cpe:/o:cisco:ios:15.1\\(3\\)t3", "cpe:/o:cisco:ios:12.4\\(15\\)t16", "cpe:/o:cisco:ios:15.4\\(3\\)m4", "cpe:/o:cisco:ios:15.1\\(1\\)sy", "cpe:/o:cisco:ios:15.1\\(3\\)t4", "cpe:/o:cisco:ios:12.4\\(24\\)ye6", "cpe:/o:cisco:ios:12.4\\(24\\)t4d", "cpe:/o:cisco:ios:12.4\\(22\\)mda3", "cpe:/o:cisco:ios:12.4\\(24\\)t8", "cpe:/o:cisco:ios_xe:3.16.0s", "cpe:/o:cisco:ios:15.3\\(3\\)m1", "cpe:/o:cisco:ios:15.1\\(1\\)mr4", "cpe:/o:cisco:ios:15.2\\(3a\\)e", "cpe:/o:cisco:ios:15.2\\(2\\)t3", "cpe:/o:cisco:ios:15.6\\(2\\)sn", "cpe:/o:cisco:ios:12.4\\(22\\)md", "cpe:/o:cisco:ios_xe_3.4sg:3.4.1sg", "cpe:/o:cisco:ios:15.2\\(4\\)e1", "cpe:/o:cisco:ios:15.2\\(2\\)s1", "cpe:/o:cisco:ios_xe:3.17.0s", "cpe:/o:cisco:ios:15.2\\(4\\)s3", "cpe:/o:cisco:ios:15.2\\(2\\)gc", "cpe:/o:cisco:ios:15.1\\(1\\)sg1", "cpe:/o:cisco:ios:15.2\\(1\\)e3", "cpe:/o:cisco:ios:15.4\\(3\\)s5", "cpe:/o:cisco:ios:15.1\\(2\\)sni", "cpe:/o:cisco:ios:15.3\\(3\\)s7", "cpe:/o:cisco:ios:15.2\\(4\\)s4", "cpe:/o:cisco:ios:15.0\\(2\\)se", "cpe:/o:cisco:ios:15.3\\(1\\)s", "cpe:/o:cisco:ios_xe:3.7.0s", "cpe:/o:cisco:ios:15.1\\(4\\)m5", "cpe:/o:cisco:ios:15.2\\(1\\)e1", "cpe:/o:cisco:ios:15.0\\(1\\)m6", "cpe:/o:cisco:ios:12.4\\(15\\)t12", "cpe:/o:cisco:ios:15.0\\(2\\)ex4", "cpe:/o:cisco:ios_xe:3.9.1s", "cpe:/o:cisco:ios_xe:3.1.3as", "cpe:/o:cisco:ios_xe:3.15.0s", "cpe:/o:cisco:ios:12.4\\(15\\)t9", "cpe:/o:cisco:ios:15.5\\(1\\)s3", "cpe:/o:cisco:ios:15.0\\(1\\)xa5", "cpe:/o:cisco:ios:12.4\\(20\\)mrb1", "cpe:/o:cisco:ios:12.4\\(20\\)mr", "cpe:/o:cisco:ios:15.3\\(2\\)s0a", "cpe:/o:cisco:ios_xe:3.16.2as", "cpe:/o:cisco:ios:15.4\\(3\\)m3", "cpe:/o:cisco:ios:12.4\\(22\\)t5", "cpe:/o:cisco:ios:12.4\\(24\\)mdb4", "cpe:/o:cisco:ios:15.3\\(2\\)t2", "cpe:/o:cisco:ios:15.3\\(3\\)jbb2", "cpe:/o:cisco:ios_xe:3.14.3s", "cpe:/o:cisco:ios:15.2\\(1\\)s1", "cpe:/o:cisco:ios:15.3\\(3\\)jn3", "cpe:/o:cisco:ios:12.4\\(22\\)yb4", "cpe:/o:cisco:ios:15.0\\(1\\)xa1", "cpe:/o:cisco:ios:15.2\\(2\\)e", "cpe:/o:cisco:ios:12.4\\(22\\)mda2", "cpe:/o:cisco:ios:12.4\\(22\\)xr5", "cpe:/o:cisco:ios:15.1\\(1\\)sy4", "cpe:/o:cisco:ios:15.1\\(3\\)s1", "cpe:/o:cisco:ios:12.4\\(22\\)yd", "cpe:/o:cisco:ios:15.1\\(2\\)s2", "cpe:/o:cisco:ios:15.0\\(2\\)ex", "cpe:/o:cisco:ios:15.1\\(3\\)mra1", "cpe:/o:cisco:ios_xe:3.1.0s", "cpe:/o:cisco:ios:15.0\\(1\\)xa4", "cpe:/o:cisco:ios:15.0\\(2\\)ex1", "cpe:/o:cisco:ios:15.2\\(4\\)m3", "cpe:/o:cisco:ios:15.0\\(2\\)se5", "cpe:/o:cisco:ios:15.5\\(2\\)s2", "cpe:/o:cisco:ios:15.1\\(3\\)svf1", "cpe:/o:cisco:ios_xe_3.4sg:3.4.7sg", "cpe:/o:cisco:ios:15.1\\(1\\)sg2", "cpe:/o:cisco:ios:15.2\\(4m\\)e1", "cpe:/o:cisco:ios:15.2\\(4\\)jb4", "cpe:/o:cisco:ios:15.0\\(2\\)ex10", "cpe:/o:cisco:ios:15.1\\(3\\)s0a", "cpe:/o:cisco:ios:12.4\\(24\\)md5", "cpe:/o:cisco:ios:15.3\\(3\\)jab", "cpe:/o:cisco:ios:12.4\\(24\\)gc5", "cpe:/o:cisco:ios:15.3\\(3\\)m2", "cpe:/o:cisco:ios_xe:3.4.5s", "cpe:/o:cisco:ios:12.4\\(24\\)ye3", "cpe:/o:cisco:ios:15.0\\(2\\)se3", "cpe:/o:cisco:ios:15.2\\(2\\)t4", "cpe:/o:cisco:ios:12.4\\(22\\)ye2", "cpe:/o:cisco:ios_xe:3.6.0e", "cpe:/o:cisco:ios:15.2\\(2\\)jn1", "cpe:/o:cisco:ios:15.1\\(2\\)sg3", "cpe:/o:cisco:ios:12.4\\(24\\)mdb", "cpe:/o:cisco:ios:15.2\\(2\\)s0c", "cpe:/o:cisco:ios:15.3\\(3\\)jbb4", "cpe:/o:cisco:ios:12.4\\(20\\)t6", "cpe:/o:cisco:ios:15.1\\(3\\)sve", "cpe:/o:cisco:ios:12.4\\(24\\)ye3a", "cpe:/o:cisco:ios:15.1\\(2\\)sy7", "cpe:/o:cisco:ios_xe:3.7.3e", "cpe:/o:cisco:ios:15.1\\(1\\)t", "cpe:/o:cisco:ios_xe:3.15.1cs", "cpe:/o:cisco:ios_xe:3.10.6s", "cpe:/o:cisco:ios:12.4\\(22\\)xr4", "cpe:/o:cisco:ios_xe_3.4sg:3.4.2sg", "cpe:/o:cisco:ios_xe:3.15.1s", "cpe:/o:cisco:ios:15.3\\(3\\)ja1m", "cpe:/o:cisco:ios:15.2\\(2\\)eb", "cpe:/o:cisco:ios:12.4\\(22\\)yb2", "cpe:/o:cisco:ios:15.4\\(2\\)t2", "cpe:/o:cisco:ios_xe:3.7.6s", "cpe:/o:cisco:ios:15.1\\(2\\)gc1", "cpe:/o:cisco:ios:15.2\\(4\\)ja1", "cpe:/o:cisco:ios_xe:3.14.2s", "cpe:/o:cisco:ios:15.2\\(4\\)gc3", "cpe:/o:cisco:ios:12.4\\(20\\)t5", "cpe:/o:cisco:ios:12.4\\(20\\)t1", "cpe:/o:cisco:ios:15.2\\(4\\)jb3s", "cpe:/o:cisco:ios:15.2\\(1\\)gc2", "cpe:/o:cisco:ios:15.2\\(3\\)gc1", "cpe:/o:cisco:ios:12.4\\(24\\)ye4", "cpe:/o:cisco:ios:15.0\\(2\\)ey1", "cpe:/o:cisco:ios:15.1\\(3\\)t2", "cpe:/o:cisco:ios:15.0\\(1\\)s3a", "cpe:/o:cisco:ios:15.1\\(2\\)sg5", "cpe:/o:cisco:ios:15.2\\(1\\)t4", "cpe:/o:cisco:ios:15.3\\(3\\)jb", "cpe:/o:cisco:ios:15.2\\(2\\)sni", "cpe:/o:cisco:ios:15.2\\(4\\)m9", "cpe:/o:cisco:ios:15.1\\(1\\)t1", "cpe:/o:cisco:ios_xe:3.13.3s", "cpe:/o:cisco:ios:15.3\\(1\\)sy", "cpe:/o:cisco:ios:12.4\\(22\\)md1", "cpe:/o:cisco:ios_xe:3.13.4s", "cpe:/o:cisco:ios:12.4\\(24\\)mdb18", "cpe:/o:cisco:ios:15.0\\(1\\)s4", "cpe:/o:cisco:ios:15.3\\(3\\)jnb1", "cpe:/o:cisco:ios:15.2\\(4\\)s4a", "cpe:/o:cisco:ios:15.1\\(1\\)sy6", "cpe:/o:cisco:ios:12.4\\(22\\)yd1", "cpe:/o:cisco:ios:15.3\\(3\\)jbb6a", "cpe:/o:cisco:ios:15.2\\(4\\)m11", "cpe:/o:cisco:ios:15.2\\(2\\)e4", "cpe:/o:cisco:ios_xe:3.7.2e", "cpe:/o:cisco:ios:15.1\\(2\\)ey4", "cpe:/o:cisco:ios:12.4\\(24\\)t4", "cpe:/o:cisco:ios:15.2\\(2\\)s0a", "cpe:/o:cisco:ios_xe:3.18.0s", "cpe:/o:cisco:ios_xe:3.11.3s", "cpe:/o:cisco:ios:15.3\\(3\\)jnc1", "cpe:/o:cisco:ios:15.2\\(4\\)jb6", "cpe:/o:cisco:ios:12.4\\(22\\)t", "cpe:/o:cisco:ios:15.0\\(1\\)mr", "cpe:/o:cisco:ios:12.4\\(22\\)yb3", "cpe:/o:cisco:ios:15.0\\(2\\)ed1", "cpe:/o:cisco:ios:15.1\\(2\\)sg1", "cpe:/o:cisco:ios:15.3\\(3\\)ja", "cpe:/o:cisco:ios:15.3\\(2\\)s1", "cpe:/o:cisco:ios:12.4\\(22\\)xr9", "cpe:/o:cisco:ios:15.0\\(1\\)m5", "cpe:/o:cisco:ios:15.5\\(2\\)t1", "cpe:/o:cisco:ios_xe:3.6.0s", "cpe:/o:cisco:ios:15.1\\(2\\)sy1", "cpe:/o:cisco:ios:15.4\\(1\\)t", "cpe:/o:cisco:ios:15.3\\(3\\)ja8", "cpe:/o:cisco:ios:12.4\\(24\\)t6", "cpe:/o:cisco:ios:12.4\\(15\\)xl4", "cpe:/o:cisco:ios:12.4\\(15\\)t13", "cpe:/o:cisco:ios:15.2\\(3\\)t1", "cpe:/o:cisco:ios:15.5\\(3\\)s", "cpe:/o:cisco:ios:15.1\\(4\\)gc", "cpe:/o:cisco:ios:15.3\\(3\\)jbb5", "cpe:/o:cisco:ios:15.0\\(2\\)se1", "cpe:/o:cisco:ios_xe:3.10.5s", "cpe:/o:cisco:ios:15.5\\(1\\)t4", "cpe:/o:cisco:ios_xe_3.4sg:3.4.3sg", "cpe:/o:cisco:ios:15.1\\(4\\)m1", "cpe:/o:cisco:ios:12.4\\(22\\)yb", "cpe:/o:cisco:ios:12.4\\(24\\)mda3", "cpe:/o:cisco:ios:15.1\\(1\\)mr1", "cpe:/o:cisco:ios:15.1\\(3\\)svd1", "cpe:/o:cisco:ios_xe:3.3.1s", "cpe:/o:cisco:ios:15.3\\(3\\)ja77", "cpe:/o:cisco:ios:15.5\\(3\\)s2", "cpe:/o:cisco:ios:12.4\\(20\\)t2", "cpe:/o:cisco:ios:15.1\\(3\\)s2", "cpe:/o:cisco:ios:12.4\\(24\\)mdb14", "cpe:/o:cisco:ios:12.4\\(22\\)xr3", "cpe:/o:cisco:ios:12.4\\(22\\)yb6", "cpe:/o:cisco:ios_xe:3.7.1s", "cpe:/o:cisco:ios_xe:3.13.0as", "cpe:/o:cisco:ios:12.4\\(24\\)t7", "cpe:/o:cisco:ios:15.1\\(2\\)sg4", "cpe:/o:cisco:ios:15.3\\(3\\)ja5", "cpe:/o:cisco:ios:15.4\\(2\\)t3", "cpe:/o:cisco:ios_xe:3.6.4e", "cpe:/o:cisco:ios_xe:3.13.5s", "cpe:/o:cisco:ios_xe:3.10.0s", "cpe:/o:cisco:ios:15.1\\(3\\)mra3", "cpe:/o:cisco:ios:15.0\\(2\\)se4", "cpe:/o:cisco:ios:12.4\\(24\\)gc3a", "cpe:/o:cisco:ios:12.4\\(24\\)mdb7", "cpe:/o:cisco:ios:12.4\\(20\\)mr2", "cpe:/o:cisco:ios:15.2\\(2\\)jb4", "cpe:/o:cisco:ios:15.0\\(2\\)ek1", "cpe:/o:cisco:ios:15.3\\(3\\)ja6", "cpe:/o:cisco:ios:12.4\\(24\\)mdb8", "cpe:/o:cisco:ios:12.4\\(24\\)md4", "cpe:/o:cisco:ios:15.2\\(1\\)t3a", "cpe:/o:cisco:ios:15.2\\(3\\)e", "cpe:/o:cisco:ios:15.1\\(2\\)t5", "cpe:/o:cisco:ios:15.2\\(2\\)snh1", "cpe:/o:cisco:ios:15.3\\(3\\)jc", "cpe:/o:cisco:ios:12.4\\(24\\)mdb12", "cpe:/o:cisco:ios:15.1\\(2\\)sy5", "cpe:/o:cisco:ios:15.5\\(1\\)t1", "cpe:/o:cisco:ios:15.2\\(2\\)jn2", "cpe:/o:cisco:ios:15.1\\(3\\)s5a", "cpe:/o:cisco:ios:15.0\\(2\\)se6", "cpe:/o:cisco:ios_xe:3.5.1e", "cpe:/o:cisco:ios_xe:3.7.4as", "cpe:/o:cisco:ios:12.4\\(24\\)t", "cpe:/o:cisco:ios:12.4\\(22\\)xr12", "cpe:/o:cisco:ios_xe:3.8.1e", "cpe:/o:cisco:ios:12.4\\(15\\)xl5", "cpe:/o:cisco:ios:15.1\\(1\\)mr3", "cpe:/o:cisco:ios:15.2\\(3\\)gc", "cpe:/o:cisco:ios:15.1\\(4\\)gc2", "cpe:/o:cisco:ios:12.4\\(15\\)t14", "cpe:/o:cisco:ios:15.1\\(3\\)s3", "cpe:/o:cisco:ios:12.4\\(24\\)t1", "cpe:/o:cisco:ios:15.2\\(4\\)jb50", "cpe:/o:cisco:ios:12.4\\(24\\)mdb15", "cpe:/o:cisco:ios:15.1\\(4\\)m4", "cpe:/o:cisco:ios:15.4\\(2\\)t1", "cpe:/o:cisco:ios:15.0\\(2\\)ej", "cpe:/o:cisco:ios:15.1\\(1\\)sy2", "cpe:/o:cisco:ios:15.3\\(3\\)jnb", "cpe:/o:cisco:ios:15.1\\(2\\)t2a", "cpe:/o:cisco:ios:12.4\\(22\\)xr2", "cpe:/o:cisco:ios:12.4\\(22\\)xr7", "cpe:/o:cisco:ios:15.3\\(3\\)m", "cpe:/o:cisco:ios:15.1\\(4\\)m", "cpe:/o:cisco:ios:15.1\\(1\\)t5", "cpe:/o:cisco:ios:15.5\\(3\\)s1a", "cpe:/o:cisco:ios_xe:3.6.1s", "cpe:/o:cisco:ios:15.0\\(1\\)s6", "cpe:/o:cisco:ios:15.2\\(4\\)m6", "cpe:/o:cisco:ios:15.1\\(3\\)s6", "cpe:/o:cisco:ios:15.1\\(2\\)sy2", "cpe:/o:cisco:ios_xe:3.9.2s", "cpe:/o:cisco:ios:12.4\\(24\\)yg1", "cpe:/o:cisco:ios:15.2\\(4\\)jn", "cpe:/o:cisco:ios:15.3\\(1\\)s2", "cpe:/o:cisco:ios:12.4\\(22\\)ye5", "cpe:/o:cisco:ios_xe_3.4sg:3.4.0sg", "cpe:/o:cisco:ios_xe:3.11.0s", "cpe:/o:cisco:ios:15.2\\(1\\)s", "cpe:/o:cisco:ios:12.4\\(24\\)mda5", "cpe:/o:cisco:ios:15.2\\(2\\)eb2", "cpe:/o:cisco:ios:15.0\\(1\\)s5", "cpe:/o:cisco:ios:15.2\\(3m\\)e3", "cpe:/o:cisco:ios:15.1\\(2\\)ey2a", "cpe:/o:cisco:ios:12.4\\(22\\)ye", "cpe:/o:cisco:ios:15.2\\(4\\)jb2", "cpe:/o:cisco:ios:15.1\\(2\\)sy3", "cpe:/o:cisco:ios:15.0\\(1\\)s1", "cpe:/o:cisco:ios:15.2\\(4\\)jb5h", "cpe:/o:cisco:ios:15.2\\(2\\)sng", "cpe:/o:cisco:ios:15.5\\(2\\)s3", "cpe:/o:cisco:ios:15.0\\(2\\)eb", "cpe:/o:cisco:ios:15.1\\(4\\)m3", "cpe:/o:cisco:ios:15.1\\(2\\)snh", "cpe:/o:cisco:ios:15.4\\(3\\)s3", "cpe:/o:cisco:ios:15.0\\(2\\)se7", "cpe:/o:cisco:ios:15.4\\(1\\)t3", "cpe:/o:cisco:ios:15.2\\(2\\)jax1", "cpe:/o:cisco:ios:15.2\\(3\\)t2", "cpe:/o:cisco:ios_xe:3.10.2s", "cpe:/o:cisco:ios:15.3\\(3\\)jbb8", "cpe:/o:cisco:ios:12.4\\(24\\)mdb11", "cpe:/o:cisco:ios_xe:3.4.0s", "cpe:/o:cisco:ios_xe:3.12.2s", "cpe:/o:cisco:ios:12.4\\(24\\)ye", "cpe:/o:cisco:ios:15.4\\(1\\)s3", "cpe:/o:cisco:ios:15.1\\(1\\)t2", "cpe:/o:cisco:ios:15.1\\(3\\)svb1", "cpe:/o:cisco:ios_xe:3.15.3s", "cpe:/o:cisco:ios:12.4\\(24\\)mdb3", "cpe:/o:cisco:ios:15.3\\(3\\)jax2", "cpe:/o:cisco:ios:15.1\\(4\\)m12a", "cpe:/o:cisco:ios:15.3\\(3\\)jnp", "cpe:/o:cisco:ios:15.1\\(1\\)s", "cpe:/o:cisco:ios:15.2\\(1\\)sy", "cpe:/o:cisco:ios:15.5\\(1\\)t", "cpe:/o:cisco:ios_xe:3.8.2s", "cpe:/o:cisco:ios:12.4\\(24\\)mdb13", "cpe:/o:cisco:ios:12.4\\(24\\)yg3", "cpe:/o:cisco:ios:12.4\\(24\\)ye3c", "cpe:/o:cisco:ios_xe:3.14.1s", "cpe:/o:cisco:ios:15.2\\(1\\)sy2", "cpe:/o:cisco:ios:15.2\\(1\\)sy0a", "cpe:/o:cisco:ios:15.2\\(4\\)jb", "cpe:/o:cisco:ios:15.4\\(3\\)s", "cpe:/o:cisco:ios:15.1\\(1\\)mr2", "cpe:/o:cisco:ios:12.4\\(24\\)mdb1", "cpe:/o:cisco:ios:12.4\\(22\\)ye6", "cpe:/o:cisco:ios_xe:3.3.0s", "cpe:/o:cisco:ios:12.4\\(24\\)t3", "cpe:/o:cisco:ios:15.1\\(2\\)t", "cpe:/o:cisco:ios:15.5\\(1\\)s1", "cpe:/o:cisco:ios:12.4\\(24\\)mda9", "cpe:/o:cisco:ios_xe:3.7.7s", "cpe:/o:cisco:ios:12.4\\(24\\)md7", "cpe:/o:cisco:ios_xe:3.4.1s", "cpe:/o:cisco:ios:12.4\\(22\\)xr8", "cpe:/o:cisco:ios:15.3\\(1\\)t1", "cpe:/o:cisco:ios:15.3\\(3\\)s1", "cpe:/o:cisco:ios:15.3\\(1\\)s1", "cpe:/o:cisco:ios:12.4\\(24\\)mdb9", "cpe:/o:cisco:ios:15.0\\(2\\)ec", "cpe:/o:cisco:ios:15.2\\(3\\)e1", "cpe:/o:cisco:ios:12.4\\(24\\)t4e", "cpe:/o:cisco:ios:12.4\\(24\\)t4l", "cpe:/o:cisco:ios:15.2\\(1\\)sy1", "cpe:/o:cisco:ios:15.2\\(3\\)e3", "cpe:/o:cisco:ios:12.4\\(24\\)mdb17", "cpe:/o:cisco:ios:15.1\\(2\\)t0a", "cpe:/o:cisco:ios:15.2\\(4\\)s3a", "cpe:/o:cisco:ios:15.3\\(3\\)s2", "cpe:/o:cisco:ios:15.2\\(2\\)t", "cpe:/o:cisco:ios:15.5\\(3\\)s1", "cpe:/o:cisco:ios_xe:3.1.4as", "cpe:/o:cisco:ios:15.1\\(3\\)mra4", "cpe:/o:cisco:ios:15.2\\(4\\)gc", "cpe:/o:cisco:ios:15.0\\(1\\)m9", "cpe:/o:cisco:ios_xe_16.1:16.1.2", "cpe:/o:cisco:ios_xe:3.1.1s", "cpe:/o:cisco:ios_xe:3.16.1as", "cpe:/o:cisco:ios:15.0\\(1\\)m4", "cpe:/o:cisco:ios:15.6\\(2\\)s", "cpe:/o:cisco:ios:15.2\\(2\\)jb", "cpe:/o:cisco:ios_xe_3.3sg:3.3.1sg", "cpe:/o:cisco:ios_xe_3.4sg:3.4.6sg", "cpe:/o:cisco:ios:15.2\\(4\\)s7", "cpe:/o:cisco:ios:15.4\\(3\\)s4", "cpe:/o:cisco:ios:12.4\\(15\\)t7", "cpe:/o:cisco:ios:15.2\\(1\\)gc", "cpe:/o:cisco:ios:15.5\\(2\\)t4", "cpe:/o:cisco:ios:12.4\\(22\\)yb8", "cpe:/o:cisco:ios:15.0\\(1\\)m7", "cpe:/o:cisco:ios:15.2\\(4\\)m7", "cpe:/o:cisco:ios:15.2\\(1\\)e2", "cpe:/o:cisco:ios:15.2\\(4\\)jb1", "cpe:/o:cisco:ios:15.2\\(1\\)t3", "cpe:/o:cisco:ios:12.4\\(22\\)t3", "cpe:/o:cisco:ios:15.2\\(4\\)m5", "cpe:/o:cisco:ios:15.1\\(3\\)s5", "cpe:/o:cisco:ios:15.4\\(1\\)s1", "cpe:/o:cisco:ios:12.4\\(24\\)mda13", "cpe:/o:cisco:ios:12.4\\(24\\)mdb5", "cpe:/o:cisco:ios_xe:3.12.0as", "cpe:/o:cisco:ios:15.5\\(3\\)s0a", "cpe:/o:cisco:ios:15.4\\(3\\)m", "cpe:/o:cisco:ios:12.4\\(15\\)t8", "cpe:/o:cisco:ios:12.4\\(20\\)t4", "cpe:/o:cisco:ios:15.3\\(1\\)t4", "cpe:/o:cisco:ios:12.4\\(22\\)t2", "cpe:/o:cisco:ios:15.0\\(2\\)eh", "cpe:/o:cisco:ios:15.4\\(2\\)s3", "cpe:/o:cisco:ios:15.0\\(2\\)ed", "cpe:/o:cisco:ios:12.4\\(22\\)mda1", "cpe:/o:cisco:ios:15.3\\(3\\)jn7", "cpe:/o:cisco:ios_xe:3.6.2ae", "cpe:/o:cisco:ios:12.4\\(24\\)ye3b", "cpe:/o:cisco:ios:15.3\\(3\\)ja1", "cpe:/o:cisco:ios:15.2\\(4\\)m6a", "cpe:/o:cisco:ios:15.2\\(2\\)s", "cpe:/o:cisco:ios:15.0\\(2\\)mr", "cpe:/o:cisco:ios_xe:3.1.4s", "cpe:/o:cisco:ios:15.2\\(4\\)jb3a", "cpe:/o:cisco:ios:15.1\\(1\\)sy3", "cpe:/o:cisco:ios:15.1\\(3\\)mra", "cpe:/o:cisco:ios:15.0\\(2\\)ez", "cpe:/o:cisco:ios_xe_3.4sg:3.4.4sg", "cpe:/o:cisco:ios:15.2\\(3\\)t", "cpe:/o:cisco:ios:15.0\\(1\\)m3", "cpe:/o:cisco:ios_xe:3.12.1s", "cpe:/o:cisco:ios:15.3\\(3\\)jn8", "cpe:/o:cisco:ios:15.2\\(1\\)ey", "cpe:/o:cisco:ios_xe_3.3xo:3.3.0xo", "cpe:/o:cisco:ios_xe:3.8.1s", "cpe:/o:cisco:ios:15.5\\(3\\)m0a", "cpe:/o:cisco:ios:15.2\\(4\\)jb7", "cpe:/o:cisco:ios:15.4\\(2\\)s1", "cpe:/o:cisco:ios:15.2\\(4\\)e", "cpe:/o:cisco:ios:15.1\\(1\\)sy5", "cpe:/o:cisco:ios:12.4\\(24\\)md3", "cpe:/o:cisco:ios:15.1\\(1\\)mr", "cpe:/o:cisco:ios:15.1\\(4\\)m3a", "cpe:/o:cisco:ios:15.2\\(1\\)t2", "cpe:/o:cisco:ios:15.3\\(3\\)m6", "cpe:/o:cisco:ios:15.5\\(1\\)s2"], "id": "CVE-2016-6381", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6381", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.1sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)t5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)xr1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)md:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)ja:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)ey1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)m11:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.2e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)mra:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)m1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)mra4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb3b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(2\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1n:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)ye:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(1\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)ye2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(20\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)svf1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3\\)e3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.2as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)mr:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb17:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(1\\)sy:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.3.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)xr5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(2\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)xr2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(20\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnc:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.11.4s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)xr10:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)ey4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)s4a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)m12a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.6\\(2\\)sn:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(1\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)ey2a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)m10:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sni1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jax2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb14:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.1e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)gc:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)svd:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.4s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)snh:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(1\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(3\\)s4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)m8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.11.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(20\\)mrb1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.6\\(1\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb5h:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb15:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mda13:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(15\\)t9:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)m8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)yd1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)ye6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)s5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(20\\)t5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.3e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(1\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb5m:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)m10:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(1\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)mr:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)ey2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)s4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)m7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)m:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)m5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)s4a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3\\)e1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ey3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)mda5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)gc2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb16:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy4a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ex2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.1.3as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)ey3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.8.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)jax1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(1\\)s3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)m4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.8.0e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.6sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)yg3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sng:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)sg2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(2\\)s4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(2\\)s0a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)m3a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)se5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.3sg:3.3.2sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb6a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mda6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)m10:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(3\\)m:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)ye2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.12.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.7s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)gc:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)t3a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.0sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)m4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)mra2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)m9:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(1\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)s6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)mda3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)gc:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)ye5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy0a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sni:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ek:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)md4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ej:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(2\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(15\\)t7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.0as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(15\\)xl5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.2e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3m\\)e8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)m3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ed1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)m3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)s3a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)m1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jaa:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(1\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)m6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(15\\)t16:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t4b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)s6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)xa3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)e4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)sni:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)ye3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)gc1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(3\\)m2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(1\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(3\\)m1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)yd4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(15\\)t17:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)svd1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)gc:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(1\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.9.1as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.11.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t4d:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.3sg:3.3.1sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)eb:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(2\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.1.4s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)yb5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(1\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.3sg:3.3.0sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb50:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.4as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)ye3b:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.0as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(3\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t3f:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(15\\)t12:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.4s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)gc2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(3\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)eb:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)md7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.16.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb50:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)md5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(3\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)se1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t4c:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)s0a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)yb4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)svf:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)m6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)s6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)mr:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)md:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(15\\)t8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ey:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)ye3e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.2e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4m\\)e1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.3e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(3\\)m4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)sy:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(20\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(15\\)t11:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(2\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.8.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(2\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mda2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ex:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.1xbs:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(1\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mda4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)se:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(1\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)se4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.7sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2a\\)ex5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mda1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2a\\)se9:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mda12:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.5s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)ey:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.4e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mda8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(2\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)yb6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(1\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)ye:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t4e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(1\\)s3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.12.0as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ej1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(2\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(2\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)m2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3m\\)e2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)yb:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.12.4s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)m9:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ey1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3a\\)e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)gc4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.5sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)gc:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)gc3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(1\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ex8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)sy1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(3\\)s0a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(15\\)t13:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(2\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.3xo:3.3.0xo:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)m:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)s3a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)xr3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.3sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(1\\)cg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)m5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(15\\)t14:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)m6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)gc1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)ye5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mda5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.3.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.5s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(2\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.3e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)mda1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(3\\)m0a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)ye7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)e1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb3h:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3\\)e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)ye6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)s3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)xa4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)m2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)mda4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ed:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3\\)gc1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ex10:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja9:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.1e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)m9:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)ey:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)e3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mda7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.5s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(1\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3m\\)e3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mda11:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)se9:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.9.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(1\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.6\\(1\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jn:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)ye3a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)s5a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.11.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ex4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)e1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)ja1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)gc3a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)m:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)svf4a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)svb1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)xr11:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(1\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnp1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)jax:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(1\\)s4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)md2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)s6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(3\\)m5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.3.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)xa5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)gc5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)yb2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)xr6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.1e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)mr4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)ye3c:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t4l:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)mr1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jn8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(2\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jax:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)m1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)s7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)s0c:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2a\\)e1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.1.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(2\\)s3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)mra1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mda9:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)m3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)gc2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)t5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)sg1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)s5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)ja1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)md3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)xr12:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb11:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)gc1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)m6a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)svd2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)jn1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)m:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.6\\(1\\)t0a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jb75:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb12:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(3\\)m:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(3\\)m1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)yb7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)t0a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(2\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.1.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)sve:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)yg1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)md1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)e2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)gc3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)xr8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)m5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(3\\)s5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)se6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.6\\(2\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.9.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)md6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t4f:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jc:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)yd2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.12.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(1\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(2\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)gc1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb3a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t3e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.6\\(1\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)jn2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)s0a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(1\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb13:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)mr2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)yg4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(15\\)t15:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb10:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(1\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jax1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(20\\)mr2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)xa1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)eh:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.4s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)xa:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(2\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.12.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mda3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)m3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ex3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.2.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(20\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)s5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)s1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)t5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(1\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(15\\)xl4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(2\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.3xo:3.3.1xo:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)m2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.2sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(20\\)t6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ex1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(15\\)t10:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb19:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)m5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)gc1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.18.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.8.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jb:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(2\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.9.0as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)xb:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)gc2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb5a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)s4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)ye3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.12.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)m7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ey2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(20\\)mrb:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_16.1:16.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(3\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.2.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.0e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)m8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3\\)gc:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(3\\)sn:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)s5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(3\\)s3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)se7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)ye1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.5s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)mr3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(3\\)m3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)jb5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb18:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(3\\)s1a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ez:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)eb2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(1\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.0e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)ye4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnp:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.4s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.6s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(2\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.6s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)yb8:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(2\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)sng:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.7s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)xr7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)gc1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)mda:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)m4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(1\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(2\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)xr4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)e1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.6\\(1\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)jb2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.4sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)m4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.16.2as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.2ts:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)s4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnc1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)ye3d:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)m7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)mda6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ex5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)m2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)yb1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)ye1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)t4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(3\\)e2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)t2a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)xa2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)e2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)se3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.2ae:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja77:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)eb1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(20\\)mr:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mdb9:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)yd:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(1\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t4a:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(3\\)m2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sg6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.8.1e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jab:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)ye4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)mda10:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)s3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.0e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jbb5:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(1\\)sy4:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)snh1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(1\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)mr:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(3\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.9.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ec:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(2\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)s7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)xr9:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)t1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(4\\)m1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)ek1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(2\\)s2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(2\\)sy1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.6s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)md2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)m7:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(4\\)ja:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)yg2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.5\\(2\\)t:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(2\\)t2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(2\\)cg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(1\\)cg1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(24\\)md1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)ja1m:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)yd3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)mra3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(2\\)s3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.4\\(2\\)s1:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.16.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.1.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.0\\(2\\)se2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)m6:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.1\\(3\\)s3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)jnb:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.2\\(1\\)t3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)yb3:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:12.4\\(22\\)mda2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.11.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.1.4as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios:15.3\\(3\\)s4:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-10-09T15:20:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6381"], "description": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation\ncode of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an exhaustion of available\nmemory or a reload of the affected system.", "modified": "2019-10-09T00:00:00", "published": "2016-09-29T00:00:00", "id": "OPENVAS:1361412562310106308", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106308", "type": "openvas", "title": "Cisco IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Cisco IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/o:cisco:ios_xe\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106308\");\n script_cve_id(\"CVE-2016-6381\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_version(\"2019-10-09T06:43:33+0000\");\n\n script_name(\"Cisco IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability\");\n\n script_xref(name:\"URL\", value:\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n\n script_tag(name:\"summary\", value:\"A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation\ncode of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an exhaustion of available\nmemory or a reload of the affected system.\");\n\n script_tag(name:\"insight\", value:\"The vulnerability is due to the improper handling of crafted, fragmented\nIKEv1 packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected\nsystem.\");\n\n script_tag(name:\"impact\", value:\"An exploit could allow the attacker to cause a reload of the affected\nsystem.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"2019-10-09 06:43:33 +0000 (Wed, 09 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-09-29 15:13:38 +0700 (Thu, 29 Sep 2016)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"CISCO\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_cisco_ios_xe_version.nasl\");\n script_mandatory_keys(\"cisco_ios_xe/version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) ) exit( 0 );\n\naffected = make_list(\n '3.18.0S',\n '3.8.0E',\n '3.8.1E',\n '3.1.3a.S',\n '3.1.0S',\n '3.1.1S',\n '3.1.2S',\n '3.1.4S',\n '3.1.4a.S',\n '3.2.1S',\n '3.2.2S',\n '3.3.0S',\n '3.3.1S',\n '3.3.2S',\n '3.3.0SG',\n '3.3.1SG',\n '3.3.2SG',\n '3.3.0XO',\n '3.3.1XO',\n '3.4.0S',\n '3.4.0a.S',\n '3.4.1S',\n '3.4.2S',\n '3.4.3S',\n '3.4.4S',\n '3.4.5S',\n '3.4.6S',\n '3.4.0SG',\n '3.4.1SG',\n '3.4.2SG',\n '3.4.3SG',\n '3.4.4SG',\n '3.4.5SG',\n '3.4.6SG',\n '3.4.7SG',\n '3.5.0E',\n '3.5.1E',\n '3.5.2E',\n '3.5.3E',\n '3.5.0S',\n '3.5.1S',\n '3.5.2S',\n '3.6.4E',\n '3.6.0E',\n '3.6.1E',\n '3.6.2a.E',\n '3.6.2E',\n '3.6.3E',\n '3.6.0S',\n '3.6.1S',\n '3.6.2S',\n '3.7.3E',\n '3.7.0E',\n '3.7.1E',\n '3.7.2E',\n '3.7.0S',\n '3.7.1S',\n '3.7.2S',\n '3.7.2t.S',\n '3.7.3S',\n '3.7.4S',\n '3.7.4a.S',\n '3.7.5S',\n '3.7.6S',\n '3.7.7S',\n '3.8.0S',\n '3.8.1S',\n '3.8.2S',\n '3.9.0S',\n '3.9.0a.S',\n '3.9.1S',\n '3.9.1a.S',\n '3.9.2S',\n '3.10.0S',\n '3.10.1S',\n '3.10.1xb.S',\n '3.10.2S',\n '3.10.3S',\n '3.10.4S',\n '3.10.5S',\n '3.10.6S',\n '3.10.7S',\n '3.11.0S',\n '3.11.1S',\n '3.11.2S',\n '3.11.3S',\n '3.11.4S',\n '3.12.0S',\n '3.12.0a.S',\n '3.12.1S',\n '3.12.4S',\n '3.12.2S',\n '3.12.3S',\n '3.13.2a.S',\n '3.13.5S',\n '3.13.0S',\n '3.13.0a.S',\n '3.13.1S',\n '3.13.2S',\n '3.13.3S',\n '3.13.4S',\n '3.14.0S',\n '3.14.1S',\n '3.14.2S',\n '3.14.3S',\n '3.15.1c.S',\n '3.15.3S',\n '3.15.0S',\n '3.15.1S',\n '3.15.2S',\n '3.17.0S',\n '3.17.1S',\n '16.1.1',\n '16.1.2',\n '3.16.0S',\n '3.16.0c.S',\n '3.16.1S',\n '3.16.1a.S',\n '3.16.2S',\n '3.16.2a.S' );\n\nforeach af ( affected )\n{\n if( version == af )\n {\n report = report_fixed_ver( installed_version:version, fixed_version: \"See advisory\" );\n security_message( port:0, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );\n\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-10-09T15:19:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6381"], "description": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation\ncode of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an exhaustion of available\nmemory or a reload of the affected system.", "modified": "2019-10-09T00:00:00", "published": "2016-09-29T00:00:00", "id": "OPENVAS:1361412562310106307", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106307", "type": "openvas", "title": "Cisco IOS Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Cisco IOS Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/o:cisco:ios\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106307\");\n script_cve_id(\"CVE-2016-6381\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_version(\"2019-10-09T06:43:33+0000\");\n\n script_name(\"Cisco IOS Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability\");\n\n script_xref(name:\"URL\", value:\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n\n script_tag(name:\"summary\", value:\"A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation\ncode of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an exhaustion of available\nmemory or a reload of the affected system.\");\n\n script_tag(name:\"insight\", value:\"The vulnerability is due to the improper handling of crafted, fragmented\nIKEv1 packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected\nsystem.\");\n\n script_tag(name:\"impact\", value:\"An exploit could allow the attacker to cause a reload of the affected\nsystem.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"2019-10-09 06:43:33 +0000 (Wed, 09 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-09-29 15:08:49 +0700 (Thu, 29 Sep 2016)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"CISCO\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_ssh_cisco_ios_get_version.nasl\");\n script_mandatory_keys(\"cisco_ios/version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) ) exit( 0 );\n\naffected = make_list(\n '12.4(22)GC1',\n '12.4(24)GC1',\n '12.4(24)GC3',\n '12.4(24)GC3a',\n '12.4(24)GC4',\n '12.4(24)GC5',\n '12.4(22)MD',\n '12.4(22)MD1',\n '12.4(22)MD2',\n '12.4(24)MD',\n '12.4(24)MD1',\n '12.4(24)MD2',\n '12.4(24)MD3',\n '12.4(24)MD4',\n '12.4(24)MD5',\n '12.4(24)MD6',\n '12.4(24)MD7',\n '12.4(22)MDA',\n '12.4(22)MDA1',\n '12.4(22)MDA2',\n '12.4(22)MDA3',\n '12.4(22)MDA4',\n '12.4(22)MDA5',\n '12.4(22)MDA6',\n '12.4(24)MDA1',\n '12.4(24)MDA10',\n '12.4(24)MDA11',\n '12.4(24)MDA12',\n '12.4(24)MDA13',\n '12.4(24)MDA2',\n '12.4(24)MDA3',\n '12.4(24)MDA4',\n '12.4(24)MDA5',\n '12.4(24)MDA6',\n '12.4(24)MDA7',\n '12.4(24)MDA8',\n '12.4(24)MDA9',\n '12.4(24)MDB',\n '12.4(24)MDB1',\n '12.4(24)MDB10',\n '12.4(24)MDB11',\n '12.4(24)MDB12',\n '12.4(24)MDB13',\n '12.4(24)MDB14',\n '12.4(24)MDB15',\n '12.4(24)MDB16',\n '12.4(24)MDB17',\n '12.4(24)MDB18',\n '12.4(24)MDB19',\n '12.4(24)MDB3',\n '12.4(24)MDB4',\n '12.4(24)MDB5',\n '12.4(24)MDB5a',\n '12.4(24)MDB6',\n '12.4(24)MDB7',\n '12.4(24)MDB8',\n '12.4(24)MDB9',\n '12.4(20)MR',\n '12.4(20)MR2',\n '12.4(20)MRB',\n '12.4(20)MRB1',\n '12.4(15)T10',\n '12.4(15)T11',\n '12.4(15)T12',\n '12.4(15)T13',\n '12.4(15)T14',\n '12.4(15)T15',\n '12.4(15)T16',\n '12.4(15)T17',\n '12.4(15)T7',\n '12.4(15)T8',\n '12.4(15)T9',\n '12.4(20)T1',\n '12.4(20)T2',\n '12.4(20)T3',\n '12.4(20)T4',\n '12.4(20)T5',\n '12.4(20)T6',\n '12.4(22)T',\n '12.4(22)T1',\n '12.4(22)T2',\n '12.4(22)T3',\n '12.4(22)T4',\n '12.4(22)T5',\n '12.4(24)T',\n '12.4(24)T1',\n '12.4(24)T2',\n '12.4(24)T3',\n '12.4(24)T3e',\n '12.4(24)T3f',\n '12.4(24)T4',\n '12.4(24)T4a',\n '12.4(24)T4b',\n '12.4(24)T4c',\n '12.4(24)T4d',\n '12.4(24)T4e',\n '12.4(24)T4f',\n '12.4(24)T4l',\n '12.4(24)T5',\n '12.4(24)T6',\n '12.4(24)T7',\n '12.4(24)T8',\n '12.4(15)XL4',\n '12.4(15)XL5',\n '12.4(22)XR1',\n '12.4(22)XR10',\n '12.4(22)XR11',\n '12.4(22)XR12',\n '12.4(22)XR2',\n '12.4(22)XR3',\n '12.4(22)XR4',\n '12.4(22)XR5',\n '12.4(22)XR6',\n '12.4(22)XR7',\n '12.4(22)XR8',\n '12.4(22)XR9',\n '12.4(22)YB',\n '12.4(22)YB1',\n '12.4(22)YB2',\n '12.4(22)YB3',\n '12.4(22)YB4',\n '12.4(22)YB5',\n '12.4(22)YB6',\n '12.4(22)YB7',\n '12.4(22)YB8',\n '12.4(22)YD',\n '12.4(22)YD1',\n '12.4(22)YD2',\n '12.4(22)YD3',\n '12.4(22)YD4',\n '12.4(22)YE',\n '12.4(22)YE1',\n '12.4(22)YE2',\n '12.4(22)YE3',\n '12.4(22)YE4',\n '12.4(22)YE5',\n '12.4(22)YE6',\n '12.4(24)YE',\n '12.4(24)YE1',\n '12.4(24)YE2',\n '12.4(24)YE3',\n '12.4(24)YE3a',\n '12.4(24)YE3b',\n '12.4(24)YE3c',\n '12.4(24)YE3d',\n '12.4(24)YE3e',\n '12.4(24)YE4',\n '12.4(24)YE5',\n '12.4(24)YE6',\n '12.4(24)YE7',\n '12.4(24)YG1',\n '12.4(24)YG2',\n '12.4(24)YG3',\n '12.4(24)YG4',\n '15.0(2)EB',\n '15.0(2)EC',\n '15.0(2)ED',\n '15.0(2)ED1',\n '15.0(2)EH',\n '15.0(2)EJ',\n '15.0(2)EJ1',\n '15.0(2)EK',\n '15.0(2)EK1',\n '15.0(2)EX',\n '15.0(2)EX1',\n '15.0(2)EX10',\n '15.0(2)EX2',\n '15.0(2)EX3',\n '15.0(2)EX4',\n '15.0(2)EX5',\n '15.0(2)EX8',\n '15.0(2a)EX5',\n '15.0(2)EY',\n '15.0(2)EY1',\n '15.0(2)EY2',\n '15.0(2)EY3',\n '15.0(2)EZ',\n '15.0(1)M',\n '15.0(1)M1',\n '15.0(1)M10',\n '15.0(1)M2',\n '15.0(1)M3',\n '15.0(1)M4',\n '15.0(1)M5',\n '15.0(1)M6',\n '15.0(1)M7',\n '15.0(1)M8',\n '15.0(1)M9',\n '15.0(1)MR',\n '15.0(2)MR',\n '15.0(1)S',\n '15.0(1)S1',\n '15.0(1)S2',\n '15.0(1)S3a',\n '15.0(1)S4',\n '15.0(1)S4a',\n '15.0(1)S5',\n '15.0(1)S6',\n '15.0(2)SE',\n '15.0(2)SE1',\n '15.0(2)SE2',\n '15.0(2)SE3',\n '15.0(2)SE4',\n '15.0(2)SE5',\n '15.0(2)SE6',\n '15.0(2)SE7',\n '15.0(2)SE9',\n '15.0(2a)SE9',\n '15.0(1)XA',\n '15.0(1)XA1',\n '15.0(1)XA2',\n '15.0(1)XA3',\n '15.0(1)XA4',\n '15.0(1)XA5',\n '15.1(2)EY',\n '15.1(2)EY1a',\n '15.1(2)EY2',\n '15.1(2)EY2a',\n '15.1(2)EY3',\n '15.1(2)EY4',\n '15.1(2)GC',\n '15.1(2)GC1',\n '15.1(2)GC2',\n '15.1(4)GC',\n '15.1(4)GC1',\n '15.1(4)GC2',\n '15.1(4)M',\n '15.1(4)M1',\n '15.1(4)M10',\n '15.1(4)M12a',\n '15.1(4)M2',\n '15.1(4)M3',\n '15.1(4)M3a',\n '15.1(4)M4',\n '15.1(4)M5',\n '15.1(4)M6',\n '15.1(4)M7',\n '15.1(4)M8',\n '15.1(4)M9',\n '15.1(1)MR',\n '15.1(1)MR1',\n '15.1(1)MR2',\n '15.1(1)MR3',\n '15.1(1)MR4',\n '15.1(3)MR',\n '15.1(3)MRA',\n '15.1(3)MRA1',\n '15.1(3)MRA2',\n '15.1(3)MRA3',\n '15.1(3)MRA4',\n '15.1(1)S',\n '15.1(1)S1',\n '15.1(1)S2',\n '15.1(2)S',\n '15.1(2)S1',\n '15.1(2)S2',\n '15.1(3)S',\n '15.1(3)S0a',\n '15.1(3)S1',\n '15.1(3)S2',\n '15.1(3)S3',\n '15.1(3)S4',\n '15.1(3)S5',\n '15.1(3)S5a',\n '15.1(3)S6',\n '15.1(1)SG',\n '15.1(1)SG1',\n '15.1(1)SG2',\n '15.1(2)SG',\n '15.1(2)SG1',\n '15.1(2)SG2',\n '15.1(2)SG3',\n '15.1(2)SG4',\n '15.1(2)SG5',\n '15.1(2)SG6',\n '15.1(2)SG7',\n '15.1(2)SNG',\n '15.1(2)SNH',\n '15.1(2)SNI',\n '15.1(2)SNI1',\n '15.1(3)SVB1',\n '15.1(3)SVD',\n '15.1(3)SVD1',\n '15.1(3)SVD2',\n '15.1(3)SVE',\n '15.1(3)SVF',\n '15.1(3)SVF1',\n '15.1(3)SVF4a',\n '15.1(1)SY',\n '15.1(1)SY1',\n '15.1(1)SY2',\n '15.1(1)SY3',\n '15.1(1)SY4',\n '15.1(1)SY5',\n '15.1(1)SY6',\n '15.1(2)SY',\n '15.1(2)SY1',\n '15.1(2)SY2',\n '15.1(2)SY3',\n '15.1(2)SY4',\n '15.1(2)SY4a',\n '15.1(2)SY5',\n '15.1(2)SY6',\n '15.1(2)SY7',\n '15.1(1)T',\n '15.1(1)T1',\n '15.1(1)T2',\n '15.1(1)T3',\n '15.1(1)T4',\n '15.1(1)T5',\n '15.1(2)T',\n '15.1(2)T0a',\n '15.1(2)T1',\n '15.1(2)T2',\n '15.1(2)T2a',\n '15.1(2)T3',\n '15.1(2)T4',\n '15.1(2)T5',\n '15.1(3)T',\n '15.1(3)T1',\n '15.1(3)T2',\n '15.1(3)T3',\n '15.1(3)T4',\n '15.1(1)XB',\n '15.2(1)E',\n '15.2(1)E1',\n '15.2(1)E2',\n '15.2(1)E3',\n '15.2(2)E',\n '15.2(2)E1',\n '15.2(2)E2',\n '15.2(2)E4',\n '15.2(2a)E1',\n '15.2(3)E',\n '15.2(3)E1',\n '15.2(3)E2',\n '15.2(3)E3',\n '15.2(3a)E',\n '15.2(3m)E2',\n '15.2(3m)E3',\n '15.2(3m)E8',\n '15.2(4)E',\n '15.2(4)E1',\n '15.2(4m)E1',\n '15.2(2)EB',\n '15.2(2)EB1',\n '15.2(2)EB2',\n '15.2(1)EY',\n '15.2(1)GC',\n '15.2(1)GC1',\n '15.2(1)GC2',\n '15.2(2)GC',\n '15.2(3)GC',\n '15.2(3)GC1',\n '15.2(4)GC',\n '15.2(4)GC1',\n '15.2(4)GC2',\n '15.2(4)GC3',\n '15.2(2)JA',\n '15.2(2)JA1',\n '15.2(4)JA',\n '15.2(4)JA1',\n '15.2(2)JAX',\n '15.2(2)JAX1',\n '15.2(2)JB',\n '15.2(2)JB2',\n '15.2(2)JB3',\n '15.2(2)JB4',\n '15.2(2)JB5',\n '15.2(4)JB',\n '15.2(4)JB1',\n '15.2(4)JB2',\n '15.2(4)JB3',\n '15.2(4)JB3a',\n '15.2(4)JB3b',\n '15.2(4)JB3h',\n '15.2(4)JB3s',\n '15.2(4)JB4',\n '15.2(4)JB5',\n '15.2(4)JB5h',\n '15.2(4)JB5m',\n '15.2(4)JB50',\n '15.2(4)JB6',\n '15.2(4)JB7',\n '15.2(2)JN1',\n '15.2(2)JN2',\n '15.2(4)JN',\n '15.2(4)M',\n '15.2(4)M1',\n '15.2(4)M10',\n '15.2(4)M11',\n '15.2(4)M2',\n '15.2(4)M3',\n '15.2(4)M4',\n '15.2(4)M5',\n '15.2(4)M6',\n '15.2(4)M6a',\n '15.2(4)M7',\n '15.2(4)M8',\n '15.2(4)M9',\n '15.2(1)S',\n '15.2(1)S1',\n '15.2(1)S2',\n '15.2(2)S',\n '15.2(2)S0a',\n '15.2(2)S0c',\n '15.2(2)S1',\n '15.2(2)S2',\n '15.2(4)S',\n '15.2(4)S1',\n '15.2(4)S2',\n '15.2(4)S3',\n '15.2(4)S3a',\n '15.2(4)S4',\n '15.2(4)S4a',\n '15.2(4)S5',\n '15.2(4)S6',\n '15.2(4)S7',\n '15.2(2)SNG',\n '15.2(2)SNH1',\n '15.2(2)SNI',\n '15.2(1)SY',\n '15.2(1)SY0a',\n '15.2(1)SY1',\n '15.2(1)SY1a',\n '15.2(1)SY2',\n '15.2(2)SY',\n '15.2(2)SY1',\n '15.2(1)T',\n '15.2(1)T1',\n '15.2(1)T2',\n '15.2(1)T3',\n '15.2(1)T3a',\n '15.2(1)T4',\n '15.2(2)T',\n '15.2(2)T1',\n '15.2(2)T2',\n '15.2(2)T3',\n '15.2(2)T4',\n '15.2(3)T',\n '15.2(3)T1',\n '15.2(3)T2',\n '15.2(3)T3',\n '15.2(3)T4',\n '15.3(3)JA',\n '15.3(3)JA1',\n '15.3(3)JA1m',\n '15.3(3)JA1n',\n '15.3(3)JA4',\n '15.3(3)JA5',\n '15.3(3)JA6',\n '15.3(3)JA7',\n '15.3(3)JA77',\n '15.3(3)JA8',\n '15.3(3)JA9',\n '15.3(3)JAA',\n '15.3(3)JAB',\n '15.3(3)JAX',\n '15.3(3)JAX1',\n '15.3(3)JAX2',\n '15.3(3)JB',\n '15.3(3)JB75',\n '15.3(3)JBB',\n '15.3(3)JBB1',\n '15.3(3)JBB2',\n '15.3(3)JBB4',\n '15.3(3)JBB5',\n '15.3(3)JBB50',\n '15.3(3)JBB6',\n '15.3(3)JBB6a',\n '15.3(3)JBB8',\n '15.3(3)JC',\n '15.3(3)JN3',\n '15.3(3)JN4',\n '15.3(3)JN7',\n '15.3(3)JN8',\n '15.3(3)JNB',\n '15.3(3)JNB1',\n '15.3(3)JNB2',\n '15.3(3)JNB3',\n '15.3(3)JNC',\n '15.3(3)JNC1',\n '15.3(3)JNP',\n '15.3(3)JNP1',\n '15.3(3)M',\n '15.3(3)M1',\n '15.3(3)M2',\n '15.3(3)M3',\n '15.3(3)M4',\n '15.3(3)M5',\n '15.3(3)M6',\n '15.3(3)M7',\n '15.3(1)S',\n '15.3(1)S1',\n '15.3(1)S2',\n '15.3(2)S',\n '15.3(2)S0a',\n '15.3(2)S1',\n '15.3(2)S2',\n '15.3(3)S',\n '15.3(3)S1',\n '15.3(3)S1a',\n '15.3(3)S2',\n '15.3(3)S3',\n '15.3(3)S4',\n '15.3(3)S5',\n '15.3(3)S6',\n '15.3(3)S7',\n '15.3(1)SY',\n '15.3(1)T',\n '15.3(1)T1',\n '15.3(1)T2',\n '15.3(1)T3',\n '15.3(1)T4',\n '15.3(2)T',\n '15.3(2)T1',\n '15.3(2)T2',\n '15.3(2)T3',\n '15.3(2)T4',\n '15.4(1)CG',\n '15.4(1)CG1',\n '15.4(2)CG',\n '15.4(3)M',\n '15.4(3)M1',\n '15.4(3)M2',\n '15.4(3)M3',\n '15.4(3)M4',\n '15.4(3)M5',\n '15.4(1)S',\n '15.4(1)S1',\n '15.4(1)S2',\n '15.4(1)S3',\n '15.4(1)S4',\n '15.4(2)S',\n '15.4(2)S1',\n '15.4(2)S2',\n '15.4(2)S3',\n '15.4(2)S4',\n '15.4(3)S',\n '15.4(3)S1',\n '15.4(3)S2',\n '15.4(3)S3',\n '15.4(3)S4',\n '15.4(3)S5',\n '15.4(1)T',\n '15.4(1)T1',\n '15.4(1)T2',\n '15.4(1)T3',\n '15.4(1)T4',\n '15.4(2)T',\n '15.4(2)T1',\n '15.4(2)T2',\n '15.4(2)T3',\n '15.4(2)T4',\n '15.5(3)M',\n '15.5(3)M0a',\n '15.5(3)M1',\n '15.5(3)M2',\n '15.5(1)S',\n '15.5(1)S1',\n '15.5(1)S2',\n '15.5(1)S3',\n '15.5(2)S',\n '15.5(2)S1',\n '15.5(2)S2',\n '15.5(2)S3',\n '15.5(3)S',\n '15.5(3)S0a',\n '15.5(3)S1',\n '15.5(3)S1a',\n '15.5(3)S2',\n '15.5(3)SN',\n '15.5(1)T4',\n '15.5(2)T4',\n '15.5(1)T',\n '15.5(1)T1',\n '15.5(1)T2',\n '15.5(1)T3',\n '15.5(2)T',\n '15.5(2)T1',\n '15.5(2)T2',\n '15.5(2)T3',\n '15.6(1)S',\n '15.6(1)S1',\n '15.6(2)S',\n '15.6(2)SN',\n '15.6(1)T',\n '15.6(1)T0a',\n '15.6(1)T1' );\n\nforeach af ( affected )\n{\n if( version == af )\n {\n report = report_fixed_ver( installed_version:version, fixed_version: \"See advisory\" );\n security_message( port:0, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );\n\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-02-01T01:37:01", "description": "According to its self-reported version and configuration, the Cisco\nIOS XE software running on the remote device is affected by a denial\nof service vulnerability in the Internet Key Exchange version 1\n(IKEv1) subsystem due to improper handling of fragmented IKEv1\npackets. An unauthenticated, remote attacker can exploit this issue,\nvia specially crafted IKEv1 packets, to cause the device to reload.", "edition": 26, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2016-11-14T00:00:00", "title": "Cisco IOS XE IKEv1 Fragmentation DoS (cisco-sa-20160928-ikev1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6381"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/o:cisco:ios_xe"], "id": "CISCO-SA-20160928-IKEV1-IOSXE.NASL", "href": "https://www.tenable.com/plugins/nessus/94763", "sourceData": "#TRUSTED 4060229c7bf74a53432ae94e8e2076fce950275e7ece8007745d80ada4cdcf04069b1d48d8e64bfb657aaf27954fee62a9f6df86bc0513e1306d01563f497ea20067547e545301226af8b3552aaf769f64d37b2c12d557b620a8b783554d464ea1c0e62fdfc817eacfb5b0c628751ceb2efeb2dd71ab7e47584856a328605a4891761ae2956054bb9edd11556990b829322b8c7f1b7547ff86bb212cbc24ef49b813022fe2ee5853522874c0145ab69af2c85befbd19b0a1c3cdb9d7df1b7bbe330bc2b73b51ec7d6f6797598f1d909e2a4237ab1b18761d9a8ccee98b847395093c74c92ba5b161fdcf469bdbf5df49d91d3a0bd4c693743429dfc38e21e56b630a2e0a85a6cc9db1a9764e52909f7d05854a7521f934f4a95eba591239ff511ac83fe2281fb1f38346c50ecbf7618cec17a3dc86e0af99de7cb2605c2b6ea3c61b716c59a1d3ca78aad52caf6f6b753982e1cda753dcde8d9f4c551528631d5a5020e9f530ec71252fa0af7e8d8b8508c17b56b890ddf4403e0b2bf6012fa72dc8b6c7369ec3594eff1f5c2b35ae88f01b5def7351c0cc803fcc23075cd1184cbcf0552274e23b60457c5aca0d65ab731f372c7b7d7f933f669ac0ee9873c7492531a1cbebb999f5eec751e40a623e6bf0bae786952cdd6c30645e291408d50fcac837f84ad4f186237b7b93a997ae251a0ef8e6951494d7c39f78acde43cf\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94763);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/11/14\");\n\n script_cve_id(\"CVE-2016-6381\");\n script_bugtraq_id(93195);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCuy47382\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20160928-ios-ikev1\");\n\n script_name(english:\"Cisco IOS XE IKEv1 Fragmentation DoS (cisco-sa-20160928-ikev1)\");\n script_summary(english:\"Checks the IOS XE version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version and configuration, the Cisco\nIOS XE software running on the remote device is affected by a denial\nof service vulnerability in the Internet Key Exchange version 1\n(IKEv1) subsystem due to improper handling of fragmented IKEv1\npackets. An unauthenticated, remote attacker can exploit this issue,\nvia specially crafted IKEv1 packets, to cause the device to reload.\");\n # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?30c88959\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to the relevant fixed version referenced in Cisco bug ID\nCSCuy47382. Alternatively, as a workaround, IKEv2 fragmentation can be\ndisabled by using the 'no crypto isakmp fragmentation' command.\nHowever, if IKEv1 fragmentation is needed, there is no workaround that\naddresses this vulnerability.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:ios_xe\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CISCO\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"cisco_ios_xe_version.nasl\");\n script_require_keys(\"Host/Cisco/IOS-XE/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"cisco_func.inc\");\ninclude(\"cisco_kb_cmd_func.inc\");\n\nver = get_kb_item_or_exit(\"Host/Cisco/IOS-XE/Version\");\n\nflag = 0;\noverride = 0;\ncmds = make_list();\n\n# Check for vuln version\nif ( ver == \"3.1.0S\" ) flag++;\nelse if ( ver == \"3.1.1S\" ) flag++;\nelse if ( ver == \"3.1.2S\" ) flag++;\nelse if ( ver == \"3.1.3aS\" ) flag++;\nelse if ( ver == \"3.1.4aS\" ) flag++;\nelse if ( ver == \"3.1.4S\" ) flag++;\nelse if ( ver == \"3.2.1S\" ) flag++;\nelse if ( ver == \"3.2.2S\" ) flag++;\nelse if ( ver == \"3.3.0S\" ) flag++;\nelse if ( ver == \"3.3.0SG\" ) flag++;\nelse if ( ver == \"3.3.0XO\" ) flag++;\nelse if ( ver == \"3.3.1S\" ) flag++;\nelse if ( ver == \"3.3.1SG\" ) flag++;\nelse if ( ver == \"3.3.1XO\" ) flag++;\nelse if ( ver == \"3.3.2S\" ) flag++;\nelse if ( ver == \"3.3.2SG\" ) flag++;\nelse if ( ver == \"3.4.0aS\" ) flag++;\nelse if ( ver == \"3.4.0S\" ) flag++;\nelse if ( ver == \"3.4.0SG\" ) flag++;\nelse if ( ver == \"3.4.1S\" ) flag++;\nelse if ( ver == \"3.4.1SG\" ) flag++;\nelse if ( ver == \"3.4.2S\" ) flag++;\nelse if ( ver == \"3.4.2SG\" ) flag++;\nelse if ( ver == \"3.4.3S\" ) flag++;\nelse if ( ver == \"3.4.3SG\" ) flag++;\nelse if ( ver == \"3.4.4S\" ) flag++;\nelse if ( ver == \"3.4.4SG\" ) flag++;\nelse if ( ver == \"3.4.5S\" ) flag++;\nelse if ( ver == \"3.4.5SG\" ) flag++;\nelse if ( ver == \"3.4.6S\" ) flag++;\nelse if ( ver == \"3.4.6SG\" ) flag++;\nelse if ( ver == \"3.4.7SG\" ) flag++;\nelse if ( ver == \"3.5.0E\" ) flag++;\nelse if ( ver == \"3.5.0S\" ) flag++;\nelse if ( ver == \"3.5.1E\" ) flag++;\nelse if ( ver == \"3.5.1S\" ) flag++;\nelse if ( ver == \"3.5.2E\" ) flag++;\nelse if ( ver == \"3.5.2S\" ) flag++;\nelse if ( ver == \"3.5.3E\" ) flag++;\nelse if ( ver == \"3.6.0E\" ) flag++;\nelse if ( ver == \"3.6.0S\" ) flag++;\nelse if ( ver == \"3.6.1E\" ) flag++;\nelse if ( ver == \"3.6.1S\" ) flag++;\nelse if ( ver == \"3.6.2aE\" ) flag++;\nelse if ( ver == \"3.6.2E\" ) flag++;\nelse if ( ver == \"3.6.2S\" ) flag++;\nelse if ( ver == \"3.6.3E\" ) flag++;\nelse if ( ver == \"3.6.4E\" ) flag++;\nelse if ( ver == \"3.7.0E\" ) flag++;\nelse if ( ver == \"3.7.0S\" ) flag++;\nelse if ( ver == \"3.7.1E\" ) flag++;\nelse if ( ver == \"3.7.1S\" ) flag++;\nelse if ( ver == \"3.7.2E\" ) flag++;\nelse if ( ver == \"3.7.2S\" ) flag++;\nelse if ( ver == \"3.7.2tS\" ) flag++;\nelse if ( ver == \"3.7.3E\" ) flag++;\nelse if ( ver == \"3.7.3S\" ) flag++;\nelse if ( ver == \"3.7.4aS\" ) flag++;\nelse if ( ver == \"3.7.4S\" ) flag++;\nelse if ( ver == \"3.7.5S\" ) flag++;\nelse if ( ver == \"3.7.6S\" ) flag++;\nelse if ( ver == \"3.7.7S\" ) flag++;\nelse if ( ver == \"3.8.0E\" ) flag++;\nelse if ( ver == \"3.8.0S\" ) flag++;\nelse if ( ver == \"3.8.1E\" ) flag++;\nelse if ( ver == \"3.8.1S\" ) flag++;\nelse if ( ver == \"3.8.2S\" ) flag++;\nelse if ( ver == \"3.9.0aS\" ) flag++;\nelse if ( ver == \"3.9.0S\" ) flag++;\nelse if ( ver == \"3.9.1aS\" ) flag++;\nelse if ( ver == \"3.9.1S\" ) flag++;\nelse if ( ver == \"3.9.2S\" ) flag++;\nelse if ( ver == \"3.10.0S\" ) flag++;\nelse if ( ver == \"3.10.1S\" ) flag++;\nelse if ( ver == \"3.10.1xbS\" ) flag++;\nelse if ( ver == \"3.10.2S\" ) flag++;\nelse if ( ver == \"3.10.3S\" ) flag++;\nelse if ( ver == \"3.10.4S\" ) flag++;\nelse if ( ver == \"3.10.5S\" ) flag++;\nelse if ( ver == \"3.10.6S\" ) flag++;\nelse if ( ver == \"3.10.7S\" ) flag++;\nelse if ( ver == \"3.11.0S\" ) flag++;\nelse if ( ver == \"3.11.1S\" ) flag++;\nelse if ( ver == \"3.11.2S\" ) flag++;\nelse if ( ver == \"3.11.3S\" ) flag++;\nelse if ( ver == \"3.11.4S\" ) flag++;\nelse if ( ver == \"3.12.0aS\" ) flag++;\nelse if ( ver == \"3.12.0S\" ) flag++;\nelse if ( ver == \"3.12.1S\" ) flag++;\nelse if ( ver == \"3.12.2S\" ) flag++;\nelse if ( ver == \"3.12.3S\" ) flag++;\nelse if ( ver == \"3.12.4S\" ) flag++;\nelse if ( ver == \"3.13.0aS\" ) flag++;\nelse if ( ver == \"3.13.0S\" ) flag++;\nelse if ( ver == \"3.13.1S\" ) flag++;\nelse if ( ver == \"3.13.2aS\" ) flag++;\nelse if ( ver == \"3.13.2S\" ) flag++;\nelse if ( ver == \"3.13.3S\" ) flag++;\nelse if ( ver == \"3.13.4S\" ) flag++;\nelse if ( ver == \"3.13.5S\" ) flag++;\nelse if ( ver == \"3.14.0S\" ) flag++;\nelse if ( ver == \"3.14.1S\" ) flag++;\nelse if ( ver == \"3.14.2S\" ) flag++;\nelse if ( ver == \"3.14.3S\" ) flag++;\nelse if ( ver == \"3.15.0S\" ) flag++;\nelse if ( ver == \"3.15.1cS\" ) flag++;\nelse if ( ver == \"3.15.1S\" ) flag++;\nelse if ( ver == \"3.15.2S\" ) flag++;\nelse if ( ver == \"3.15.3S\" ) flag++;\nelse if ( ver == \"3.16.0cS\" ) flag++;\nelse if ( ver == \"3.16.0S\" ) flag++;\nelse if ( ver == \"3.16.1aS\" ) flag++;\nelse if ( ver == \"3.16.1S\" ) flag++;\nelse if ( ver == \"3.16.2aS\" ) flag++;\nelse if ( ver == \"3.16.2S\" ) flag++;\nelse if ( ver == \"3.17.0S\" ) flag++;\nelse if ( ver == \"3.17.1S\" ) flag++;\nelse if ( ver == \"3.18.0S\" ) flag++;\nelse if ( ver == \"16.1.1\" ) flag++;\nelse if ( ver == \"16.1.2\" ) flag++;\n\nif(!flag)\n audit(AUDIT_INST_VER_NOT_VULN, ver);\n\n# Check that IKEv1 config or IKEv1 is running\nif (get_kb_item(\"Host/local_checks_enabled\"))\n{\n flag = 0;\n\n # Check for condition 1, IKEv1 config\n buf = cisco_command_kb_item(\"Host/Cisco/Config/show_running-config\",\"show running-config\");\n if (check_cisco_result(buf))\n {\n if ( \"crypto isakmp fragmentation\" >< buf )\n {\n flag = 1;\n cmds = make_list('show running-config');\n }\n }\n else if (cisco_needs_enable(buf))\n {\n flag = 1;\n override = 1;\n }\n\n # Check for condition 2, IKEv1 is running\n if (flag)\n {\n flag = 0;\n\n pat = \"(\\d+.\\d+.\\d+.\\d+|.*:.*|UNKNOWN|--any--)\\s+(500|4500)\\s\";\n buf = cisco_command_kb_item(\"Host/Cisco/Config/show_ip_sockets\",\"show ip sockets\");\n if (!flag)\n {\n if (check_cisco_result(buf))\n {\n if (preg(multiline:TRUE, pattern:pat, string:buf))\n {\n flag = 1;\n cmds = make_list(cmds, 'show ip sockets');\n }\n }\n else if (cisco_needs_enable(buf))\n {\n flag = 1;\n override = 1;\n }\n }\n\n if (!flag)\n {\n buf = cisco_command_kb_item(\"Host/Cisco/Config/show_udp\",\"show udp\");\n if (check_cisco_result(buf))\n {\n if (preg(multiline:TRUE, pattern:pat, string:buf))\n {\n flag = 1;\n cmds = make_list(cmds, 'show udp');\n }\n }\n else if (cisco_needs_enable(buf))\n {\n flag = 1;\n override = 1;\n }\n }\n }\n}\n\nif (flag)\n{\n security_report_cisco(\n port : 0,\n severity : SECURITY_HOLE,\n override : override,\n version : ver,\n bug_id : 'CSCuy47382',\n cmds : cmds\n );\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "cisco": [{"lastseen": "2021-02-26T06:47:20", "bulletinFamily": "software", "cvelist": ["CVE-2016-6381"], "description": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an exhaustion of available memory or a reload of the affected system.\n\nThe vulnerability is due to the improper handling of crafted, fragmented IKEv1 packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. An exploit could allow the attacker to cause a reload of the affected system.\n\nNote: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic.\n\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\n\nThis advisory is available at the following link:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1 [\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1\"]\n\nThis advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of \u201cHigh.\u201d For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [\"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56513\"].", "modified": "2016-09-28T16:00:00", "published": "2016-09-28T16:00:00", "id": "CISCO-SA-20160928-IOS-IKEV1", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1", "type": "cisco", "title": "Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "threatpost": [{"lastseen": "2018-10-06T22:54:40", "bulletinFamily": "info", "cvelist": ["CVE-2016-6381", "CVE-2016-6382", "CVE-2016-6384", "CVE-2016-6391", "CVE-2016-6406", "CVE-2016-6419", "CVE-2016-6420"], "description": "Cisco Systems released a critical security bulletin for a vulnerability that allows remote unauthenticated users to gain complete control of its email security appliances. The vulnerability is tied to Cisco\u2019s IronPort AsyncOS operating system.\n\nCisco first issued a security bulletin last week for the IronPort AsyncOS, but on Wednesday updated that alert with more information including a software update that addresses the security flaw. Cisco also indicated a workaround exists that can halt remote access to affected email appliances.\n\nCisco says the vulnerability (CVE-2016-6406) is tied to the presence of the company\u2019s own internal testing and debugging interface; accessible on the IronPort AsyncOS operating system. \u201cAn attacker could exploit this vulnerability by connecting to this testing and debugging interface. An exploit could allow an attacker to obtain complete control of an affected device with root-level privileges,\u201d [Cisco explains](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160922-esa>).\n\nIn addition to the critical IronPort AsyncOS vulnerability bulletin, Cisco also issued [10 security bulletins](<https://www.us-cert.gov/ncas/current-activity/2016/09/28/Cisco-Releases-Security-Updates>) rated high and tied to its IOS and IOS XE software. Eight of the security bugs are vulnerabilities opening the door for remote attackers to carry out denial of service attacks. Cisco released software updates for each DoS vulnerability announced Wednesday.\n\nOne of those DoS vulnerabilities (CVE-2016-6382) is tied to Cisco\u2019s IPv4 Multicast Source Discovery Protocol and IPv6 Protocol Independent Multicast. [The flaw](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-msdp>) could allow an unauthenticated, remote attacker to send traffic to the IPv4 device that contained a packet designed to trigger a restart of the device. Cisco has released a software update that addresses this vulnerability.\n\nOther DoS vulnerabilities include one ([CVE-2016-6381](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1>)) related to Cisco\u2019s Internet Key Exchange version 1 fragmentation code in IOS and IOS XE software. Another DoS-related bug impacts H.323 message validation ([CVE-2016-6384](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-h323>)) and is due to a failure of the system to properly validate certain fields in an H.323 protocol suite message, according to Cisco. A vulnerability ([CVE-2016-6391](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-cip>)) was identified by Cisco in the Common Industrial Protocol (CIP) feature of its\u2019 IOS software. The vulnerability could allow an unauthenticated, remote attacker to submit a CIP message request designed to cause a targeted Cisco switch to stop processing traffic, requiring a restart to regain functionality, according to Cisco.\n\nCisco also released software that patches two security bulletins rated medium and tied to its Firepower Management Center. One is a privilege escalation vulnerability ([CVE-2016-6420](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-fmc1>)) and the other a SQL injection vulnerability ([CVE-2016-6419](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-fpmc>)).\n\nIt has been a busy month of patching for Cisco. [Last week](<It's%20already%20been%20a%20busy%20month%20of%20patching%20for%20Cisco%20Systems,%20and%20on%20Wednesday%20the%20networking%20giant%20rolled%20out%20nine%20more%20security%20updates%20addressing%20critical%20vulnerabilities%20across%20its%20core%20product%20lines.>), the networking giant rolled out nine security updates addressing critical vulnerabilities across its core product lines. Earlier this month, Cisco [warned of 12 security vulnerabilities](<https://threatpost.com/cisco-patches-critical-webex-meetings-server-vulnerability/120611/>), one critical relating to its WebEx Meeting Server.\n", "modified": "2016-09-29T16:21:16", "published": "2016-09-29T12:21:16", "id": "THREATPOST:28BC84E8AEC7BCA1110731647FE9A404", "href": "https://threatpost.com/cisco-warns-of-critical-flaw-in-email-security-appliances/120968/", "type": "threatpost", "title": "Cisco Warns of Critical Flaw in Email Security Appliances", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ics": [{"lastseen": "2021-02-27T19:52:40", "bulletinFamily": "info", "cvelist": ["CVE-2010-5298", "CVE-2014-0076", "CVE-2014-0195", "CVE-2014-0198", "CVE-2014-0221", "CVE-2014-0224", "CVE-2014-2106", "CVE-2014-2108", "CVE-2014-2109", "CVE-2014-2111", "CVE-2014-2112", "CVE-2014-2113", "CVE-2014-3299", "CVE-2014-3354", "CVE-2014-3355", "CVE-2014-3356", "CVE-2014-3359", "CVE-2014-3360", "CVE-2014-3361", "CVE-2014-3470", "CVE-2014-3566", "CVE-2015-0207", "CVE-2015-0209", "CVE-2015-0285", "CVE-2015-0287", "CVE-2015-0288", "CVE-2015-0289", "CVE-2015-0290", "CVE-2015-0291", "CVE-2015-0292", "CVE-2015-0293", "CVE-2015-0642", "CVE-2015-0643", "CVE-2015-0646", "CVE-2015-1787", "CVE-2015-1798", "CVE-2015-1799", "CVE-2015-7691", "CVE-2015-7692", "CVE-2015-7701", "CVE-2015-7702", "CVE-2015-7703", "CVE-2015-7704", "CVE-2015-7705", "CVE-2015-7848", "CVE-2015-7849", "CVE-2015-7850", "CVE-2015-7851", "CVE-2015-7852", "CVE-2015-7853", "CVE-2015-7854", "CVE-2015-7855", "CVE-2015-7871", "CVE-2016-1344", "CVE-2016-1350", "CVE-2016-1409", "CVE-2016-6380", "CVE-2016-6381", "CVE-2016-6382", "CVE-2016-6384", "CVE-2016-6393", "CVE-2016-6415"], "description": "### **CVSS v3 10.0**\n\n**ATTENTION: **Remotely exploitable/low skill level to exploit.\n\n**Vendor:** Rockwell Automation\n\n**Equipment:** Stratix 5900\n\n**Vulnerabilities:** Improper Input Validation, Resource Management Errors, Improper Authentication, Path Traversal_._\n\n## REPOSTED INFORMATION\n\nThis advisory was originally posted to the NCCIC Portal on April 4, 2017, and is being released to the NCCIC/ICS-CERT web site.\n\n## AFFECTED PRODUCTS\n\nRockwell Automation reports that these vulnerabilities affect the following Stratix 5900 Services Routers:\n\n * Stratix 5900, All Versions prior to 15.6.3.\n\n## IMPACT\n\nAn attacker who exploits these vulnerabilities may be able to perform man-in-the-middle attacks, create denial of service conditions, or remotely execute arbitrary code.\n\n## MITIGATION\n\nRockwell Automation has provided a new firmware version, Version 15.6.3, to mitigate these vulnerabilities.\n\nRockwell Automation encourages users of the affected versions to update to the latest available software versions addressing the associated risk, and including improvements to further harden the software and enhance its resilience against similar malicious attacks. Users can find the latest firmware version by searching for their device at the following web site:\n\n<http://compatibility.rockwellautomation.com/Pages/MultiProductDownload.aspx?famID=15>\n\nAdditional precautions and risk mitigation strategies specific to these types of attacks are recommended in the Rockwell Automation security release. When possible, multiple strategies should be implemented simultaneously.\n\n<https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1041191>\n\nPlease also refer to Cisco\u2019s security advisories (linked below) for additional workarounds and details for these vulnerabilities.\n\nNCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n * Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n * When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.\n\nICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\n\nICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.\n\nAdditional mitigation guidance and recommended practices are publicly available in the ICS\u2011CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.\n\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.\n\nNo known public exploits specifically target these vulnerabilities.\n\n## VULNERABILITY OVERVIEW\n\n## [**IMPROPER INPUT VALIDATION CWE-20**](<https://cwe.mitre.org/data/definitions/20.html>)\n\n[Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-dns>).\n\n[CVE-2016-6380](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6380>) has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been calculated; the CVSS vector string is ([AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H>)).\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-aaados>).\n\n[CVE-2016-6393](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6380>) has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been calculated; the CVSS vector string is ([AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:H>)).\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS and IOS XE Software H.323 Message Validation Denial of Service Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-h323>).\n\n[CVE-2016-6384](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6384>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ios-ikev1>).\n\n[CVE-2016-6381](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6381>) has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vector string is ([AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-msdp>).\n\n[CVE-2016-6382](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6382>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**INFORMATION EXPOSURE CWE-200**](<https://cwe.mitre.org/data/definitions/200.html>)\n\n[IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1>).\n\n[CVE-2016-6415](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6415>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N>)).\n\n## [**INPUT VALIDATION CWE-20 **](<https://cwe.mitre.org/data/definitions/20.html>)\n\n[Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6>).\n\n[CVE-2016-1409](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1409>) has been assigned to this vulnerability. A CVSS v3 base score of 5.8 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L>)).\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-sip>).\n\n[CVE-2016-1350](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1350>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ios-ikev2>).\n\n[CVE-2016-1344](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1344>) has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vector string is ([AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**INTEGER OVERFLOW OR WRAPAROUND CWE 190**](<https://cwe.mitre.org/data/definitions/190.html>)\n\n## [**IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119**](<https://cwe.mitre.org/data/definitions/119.html>)\n\n## [**IMPROPER INPUT VALIDATION CWE-20**](<https://cwe.mitre.org/data/definitions/20.html>)\n\n## [**PATH TRAVERSAL CWE-22**](<https://cwe.mitre.org/data/definitions/22.html>)\n\n## [**PERMISSIONS, PRIVILEGES, AND ACCESS CONTROLS CWE-264**](<https://cwe.mitre.org/data/definitions/264.html>)\n\n## [**IMPROPER AUTHENTICATION CWE-287**](<https://cwe.mitre.org/data/definitions/287.html>)\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp>).\n\n[CVE-2015-7691](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7691>), [CVE-2015-7692](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7692>), [CVE-2015-7701](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7701>), [CVE-2015-7702](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7702>), [CVE-2015-7703](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7703>), [CVE-2015-7704](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7704>), [CVE-2015-7705](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7705>), [CVE-2015-7848](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7848>), [CVE-2015-7849](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7849>), [CVE-2015-7850](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7850>), [CVE-2015-7851](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7851>), [CVE-2015-7852](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7852>), [CVE-2015-7853](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7853>), [CVE-2015-7854](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7854>), [CVE-2015-7855](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7855>), and [CVE-2015-7871](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7871>) have been assigned to these vulnerabilities. A CVSS v3 base score of 7.2 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L>)).\n\n## [**IMPROPER AUTHENTICATION CWE-287**](<https://cwe.mitre.org/data/definitions/287.html>)\n\n[Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-ntpd>).\n\n[CVE-2015-1798](<https://nvd.nist.gov/vuln/detail/CVE-2015-1798>) and [CVE-2015-1799](<https://nvd.nist.gov/vuln/detail/CVE-2015-1799>) have been assigned to this vulnerability. A CVSS v3 base score of 5.8 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N>)).\n\n## [**INPUT VALIDATION CWE 20**](<https://cwe.mitre.org/data/definitions/20.html>)\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerabilities](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ikev2>).\n\n[CVE-2015-0642](<https://nvd.nist.gov/vuln/detail/CVE-2015-0642>) and [CVE-2015-0643](<https://nvd.nist.gov/vuln/detail/CVE-2015-0643>) have been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak>).\n\n[CVE-2015-0646](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0646>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119**](<https://cwe.mitre.org/data/definitions/119.html>)\n\n## [**IMPROPER INPUT VALIDATION CWE-20**](<https://cwe.mitre.org/data/definitions/20.html>)\n\n## [**CRYPTOGRAPHIC ISSUES CWE 310**](<https://cwe.mitre.org/data/definitions/310.html>)\n\n[Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150320-openssl>).\n\n[CVE-2015-0207](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0207>), [CVE-2015-0209](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0209>), [CVE-2015-0285](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0285>), [CVE-2015-0287](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0287>), [CVE-2015-0288](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0288>), [CVE-2015-0289](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0289>), [CVE-2015-0290](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0290>), [CVE-2015-0291](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0291>), [CVE-2015-0292](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0292>), [CVE-2015-0293](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0293>), and [CVE-2015-1787](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1787>) have been assigned to these vulnerabilities. A CVSS v3 base score of 4.0 has been calculated; the CVSS vector string is ([AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N>)).\n\n## [**CRYPTOGRAPHIC ISSUES CWE 310**](<https://cwe.mitre.org/data/definitions/310.html>)\n\n[SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle>).\n\n[CVE-2014-3566](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566>) has been assigned to this vulnerability. A CVSS v3 base score of 4.0 has been calculated; the CVSS vector string is ([AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N>)).\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS Software DHCP Version 6 Denial of Service Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6>).\n\n[CVE-2014-3359](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3359>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS Software Metadata Vulnerabilities](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-metadata>).\n\n[CVE-2014-3355](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3355>) and [CVE-2014-3356](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3356>) have been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**IMPROPER INPUT VALIDATION CWE-20**](<https://cwe.mitre.org/data/definitions/20.html>)\n\n[Cisco IOS Software Network Address Translation Denial of Service Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat>).\n\n[CVE-2014-3361](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3361>) has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vector string is ([AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS Software RSVP Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp>).\n\n[CVE-2014-3354](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3354>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**NUMERIC ERRORS CWE 189**](<https://cwe.mitre.org/data/definitions/189.html>)\n\n[Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip>).\n\n[CVE-2014-3360](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3360>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS Software IPsec Denial of Service Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140625-CVE-2014-3299>).\n\n[CVE-2014-3299](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3299>) has been assigned to this vulnerability. A CVSS v3 base score of 7.7 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**CRYPTOGRAPHIC ISSUES CWE-310**](<https://cwe.mitre.org/data/definitions/310.html>)\n\n## [**RACE CONDITION CWE-362**](<https://cwe.mitre.org/data/definitions/362.html>)\n\n## [**IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119**](<https://cwe.mitre.org/data/definitions/119.html>)\n\n## [**RESOURCE MANAGEMENT ERRORS CWE-399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n## [**NULL POINTER DEREFERENCE CWE-476**](<https://cwe.mitre.org/data/definitions/476.html>)\n\n[Multiple Vulnerabilities in OpenSSL Affecting Cisco Products](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl>).\n\n[CVE-2010-5298](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5298>), [CVE-2014-0076](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0076>), [CVE-2014-0195](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0195>), [CVE-2014-0198](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0198>), [CVE-2014-0221](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0221>), [CVE-2014-0224](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0224>), and [CVE-2014-3470](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3470>) have been assigned to these vulnerabilities. A CVSS v3 base score of 10.0 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H>)).\n\n## [**IMPROPER INPUT VALIDATION CWE-20**](<https://cwe.mitre.org/data/definitions/20.html>)\n\n[Cisco IOS Software Crafted IPv6 Packet Denial of Service Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-ipv6>).\n\n[CVE-2014-2113](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2113>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS Software Internet Key Exchange Version 2 Denial of Service Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-ikev2>).\n\n[CVE-2014-2108](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2108>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**IMPROPER INPUT VALIDATION CWE-20**](<https://cwe.mitre.org/data/definitions/20.html>)\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS Software Network Address Translation Vulnerabilities](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-nat>).\n\n[CVE-2014-2109](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2109>) and [CVE-2014-2111](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2111>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**IMPROPER INPUT VALIDATION CWE-20**](<https://cwe.mitre.org/data/definitions/20.html>)\n\n[Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-sip>).\n\n[CVE-2014-2106](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2106>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## [**RESOURCE MANAGEMENT ERRORS CWE 399**](<https://cwe.mitre.org/data/definitions/399.html>)\n\n[Cisco IOS Software SSL VPN Denial of Service Vulnerability](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-ios-sslvpn>).\n\n[CVE-2014-2112](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2112>) has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is ([AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H>)).\n\n## RESEARCHER\n\nCisco Systems, Inc. reported these vulnerabilities to Rockwell Automation.\n\n## BACKGROUND\n\n**Critical Infrastructure Sectors:** Critical Manufacturing, Energy, Water and Wastewater Systems\n\n**Area Deployed:** Worldwide\n\n**Company Headquarters Location: **United States\n\n## \nContact Information\n\nFor any questions related to this report, please contact the CISA at: \n \nEmail: [CISAservicedesk@cisa.dhs.gov](<mailto:cisaservicedesk@cisa.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: https://us-cert.cisa.gov/ics \nor incident reporting: https://us-cert.cisa.gov/report\n\nCISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/ICSA-17-094-04>); we'd welcome your feedback.\n", "modified": "2017-05-10T00:00:00", "published": "2017-05-09T00:00:00", "id": "ICSA-17-094-04", "href": "https://www.us-cert.gov/ics/advisories/ICSA-17-094-04", "type": "ics", "title": "Rockwell Automation Stratix 5900", "cvss": {"score": 8.3, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:C"}}]}
