Lucene search

[email protected]NVD:CVE-2016-6438

HistoryOct 27, 2016 - 9:59 p.m.

CVE-2016-6438

2016-10-2721:59:09

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

5.8

Confidence

High

EPSS

0.003

Percentile

68.4%

JSON

A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line configuration on an affected device. This vulnerability affects the following releases of Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers: All 3.16S releases, All 3.17S releases, Release 3.18.0S, Release 3.18.1S, Release 3.18.0SP. More Information: CSCuz62815. Known Affected Releases: 15.5(3)S2.9, 15.6(2)SP. Known Fixed Releases: 15.6(1.7)SP1, 16.4(0.183), 16.5(0.1).

Affected configurations

Nvd

Node

ciscoios_xeMatch3.16.0cs

ciscoios_xeMatch3.16.0s

ciscoios_xeMatch3.16.1as

ciscoios_xeMatch3.16.1s

ciscoios_xeMatch3.16.2as

ciscoios_xeMatch3.16.2bs

ciscoios_xeMatch3.16.2s

ciscoios_xeMatch3.16.3as

ciscoios_xeMatch3.16.3s

ciscoios_xeMatch3.16.4s

ciscoios_xeMatch3.17.0s

ciscoios_xeMatch3.17.1as

ciscoios_xeMatch3.17.1s

ciscoios_xeMatch3.17.2s

ciscoios_xeMatch3.18.0s

ciscoios_xeMatch3.18.0sp

ciscoios_xeMatch3.18.1s

VendorProductVersionCPE
ciscoios_xe3.16.0cscpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*
ciscoios_xe3.16.0scpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*
ciscoios_xe3.16.1ascpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*
ciscoios_xe3.16.1scpe:2.3:o:cisco:ios_xe:3.16.1s:*:*:*:*:*:*:*
ciscoios_xe3.16.2ascpe:2.3:o:cisco:ios_xe:3.16.2as:*:*:*:*:*:*:*
ciscoios_xe3.16.2bscpe:2.3:o:cisco:ios_xe:3.16.2bs:*:*:*:*:*:*:*
ciscoios_xe3.16.2scpe:2.3:o:cisco:ios_xe:3.16.2s:*:*:*:*:*:*:*
ciscoios_xe3.16.3ascpe:2.3:o:cisco:ios_xe:3.16.3as:*:*:*:*:*:*:*
ciscoios_xe3.16.3scpe:2.3:o:cisco:ios_xe:3.16.3s:*:*:*:*:*:*:*
ciscoios_xe3.16.4scpe:2.3:o:cisco:ios_xe:3.16.4s:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xe	3.16.0cs	cpe:2.3:o:cisco:ios_xe:3.16.0cs:::::::*
cisco	ios_xe	3.16.0s	cpe:2.3:o:cisco:ios_xe:3.16.0s:::::::*
cisco	ios_xe	3.16.1as	cpe:2.3:o:cisco:ios_xe:3.16.1as:::::::*
cisco	ios_xe	3.16.1s	cpe:2.3:o:cisco:ios_xe:3.16.1s:::::::*
cisco	ios_xe	3.16.2as	cpe:2.3:o:cisco:ios_xe:3.16.2as:::::::*
cisco	ios_xe	3.16.2bs	cpe:2.3:o:cisco:ios_xe:3.16.2bs:::::::*
cisco	ios_xe	3.16.2s	cpe:2.3:o:cisco:ios_xe:3.16.2s:::::::*
cisco	ios_xe	3.16.3as	cpe:2.3:o:cisco:ios_xe:3.16.3as:::::::*
cisco	ios_xe	3.16.3s	cpe:2.3:o:cisco:ios_xe:3.16.3s:::::::*
cisco	ios_xe	3.16.4s	cpe:2.3:o:cisco:ios_xe:3.16.4s:::::::*

Rows per page:

1-10 of 171

References

www.securityfocus.com/bid/93518

www.securitytracker.com/id/1037003

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-cbr-8

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

5.8

Confidence

High

EPSS

0.003

Percentile

68.4%

JSON

Related for NVD:CVE-2016-6438

cvelist1 prion1 cisco1 cve1 openvas1