Lucene search

[email protected]NVD:CVE-2016-1398

HistoryJul 03, 2016 - 9:59 p.m.

CVE-2016-1398

2016-07-0321:59:07

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.3

Confidence

High

EPSS

0.001

Percentile

41.4%

JSON

Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware through 1.2.1.4, RV130W devices with firmware through 1.0.2.7, and RV215W devices with firmware through 1.3.0.7 allows remote authenticated users to cause a denial of service (device reload) via a crafted HTTP request, aka Bug ID CSCux86669.

Affected configurations

Nvd

Node

ciscorv130w_firmwareMatch1.0.0.21

ciscorv130w_firmwareMatch1.0.1.3

ciscorv130w_firmwareMatch1.0.2.7

AND

ciscorv130wMatch-

Node

ciscorv110w_firmwareMatch1.1.0.9

ciscorv110w_firmwareMatch1.2.0.9

ciscorv110w_firmwareMatch1.2.0.10

ciscorv110w_firmwareMatch1.2.1.4

AND

ciscorv110wMatch-

Node

ciscorv215w_firmwareMatch1.1.0.5

ciscorv215w_firmwareMatch1.1.0.6

ciscorv215w_firmwareMatch1.2.0.14

ciscorv215w_firmwareMatch1.2.0.15

ciscorv215w_firmwareMatch1.3.0.7

AND

ciscorv215wMatch-

VendorProductVersionCPE
ciscorv130w_firmware1.0.0.21cpe:2.3:o:cisco:rv130w_firmware:1.0.0.21:*:*:*:*:*:*:*
ciscorv130w_firmware1.0.1.3cpe:2.3:o:cisco:rv130w_firmware:1.0.1.3:*:*:*:*:*:*:*
ciscorv130w_firmware1.0.2.7cpe:2.3:o:cisco:rv130w_firmware:1.0.2.7:*:*:*:*:*:*:*
ciscorv130w-cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*
ciscorv110w_firmware1.1.0.9cpe:2.3:o:cisco:rv110w_firmware:1.1.0.9:*:*:*:*:*:*:*
ciscorv110w_firmware1.2.0.9cpe:2.3:o:cisco:rv110w_firmware:1.2.0.9:*:*:*:*:*:*:*
ciscorv110w_firmware1.2.0.10cpe:2.3:o:cisco:rv110w_firmware:1.2.0.10:*:*:*:*:*:*:*
ciscorv110w_firmware1.2.1.4cpe:2.3:o:cisco:rv110w_firmware:1.2.1.4:*:*:*:*:*:*:*
ciscorv110w-cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*
ciscorv215w_firmware1.1.0.5cpe:2.3:o:cisco:rv215w_firmware:1.1.0.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	rv130w_firmware	1.0.0.21	cpe:2.3:o:cisco:rv130w_firmware:1.0.0.21:::::::*
cisco	rv130w_firmware	1.0.1.3	cpe:2.3:o:cisco:rv130w_firmware:1.0.1.3:::::::*
cisco	rv130w_firmware	1.0.2.7	cpe:2.3:o:cisco:rv130w_firmware:1.0.2.7:::::::*
cisco	rv130w	-	cpe:2.3:h:cisco:rv130w:-:::::::*
cisco	rv110w_firmware	1.1.0.9	cpe:2.3:o:cisco:rv110w_firmware:1.1.0.9:::::::*
cisco	rv110w_firmware	1.2.0.9	cpe:2.3:o:cisco:rv110w_firmware:1.2.0.9:::::::*
cisco	rv110w_firmware	1.2.0.10	cpe:2.3:o:cisco:rv110w_firmware:1.2.0.10:::::::*
cisco	rv110w_firmware	1.2.1.4	cpe:2.3:o:cisco:rv110w_firmware:1.2.1.4:::::::*
cisco	rv110w	-	cpe:2.3:h:cisco:rv110w:-:::::::*
cisco	rv215w_firmware	1.1.0.5	cpe:2.3:o:cisco:rv215w_firmware:1.1.0.5:::::::*

Rows per page:

1-10 of 151

References

www.securitytracker.com/id/1036115

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv3

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.3

Confidence

High

EPSS

0.001

Percentile

41.4%

JSON

Related for NVD:CVE-2016-1398

cvelist1 openvas1 prion1 cisco1 cve1