A vulnerability in the SSL/TLS functions of the Cisco ACE 4700 Series
Application Control Engine Appliances could allow an unauthenticated, remote attacker to cause a denial of
service (DoS) condition on the affected device.
{"id": "OPENVAS:1361412562310106258", "type": "openvas", "bulletinFamily": "scanner", "title": "Cisco ACE 4710 Application Control Engine Denial of Service Vulnerability", "description": "A vulnerability in the SSL/TLS functions of the Cisco ACE 4700 Series\nApplication Control Engine Appliances could allow an unauthenticated, remote attacker to cause a denial of\nservice (DoS) condition on the affected device.", "published": "2016-09-16T00:00:00", "modified": "2019-10-09T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106258", "reporter": "This script is Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160908-ace"], "cvelist": ["CVE-2016-6399"], "lastseen": "2019-10-09T15:20:34", "viewCount": 9, "enchantments": {"dependencies": {}, "score": {"value": 6.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "cisco", "idList": ["CISCO-SA-20160908-ACE"]}, {"type": "cve", "idList": ["CVE-2016-6399"]}]}, "exploitation": null, "vulnersScore": 6.5}, "pluginID": "1361412562310106258", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Cisco ACE 4710 Application Control Engine Denial of Service Vulnerability\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/h:cisco:ace_4710\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106258\");\n script_cve_id(\"CVE-2016-6399\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_version(\"2019-10-09T06:43:33+0000\");\n\n script_name(\"Cisco ACE 4710 Application Control Engine Denial of Service Vulnerability\");\n\n script_xref(name:\"URL\", value:\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160908-ace\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version A5(3.5)\");\n\n script_tag(name:\"summary\", value:\"A vulnerability in the SSL/TLS functions of the Cisco ACE 4700 Series\nApplication Control Engine Appliances could allow an unauthenticated, remote attacker to cause a denial of\nservice (DoS) condition on the affected device.\");\n\n script_tag(name:\"insight\", value:\"The vulnerability is due to incomplete input validation checks in the\nSSL/TLS code. An attacker could exploit this vulnerability by sending specific SSL/TLS packets to the affected\ndevice.\");\n\n script_tag(name:\"impact\", value:\"An exploit could allow the attacker to trigger a reload of the affected\ndevice.\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"2019-10-09 06:43:33 +0000 (Wed, 09 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-09-16 11:53:36 +0700 (Fri, 16 Sep 2016)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"CISCO\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_cisco_ace_application_control_engine_detect.nasl\");\n script_mandatory_keys(\"cisco_ace/detected\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!version = get_app_version(cpe:CPE))\n exit(0);\n\naffected = make_list(\n 'A1(7a)',\n 'A1(7b)',\n 'A1(8.0)',\n 'A1(8.0a)',\n 'A3(1.0)',\n 'A3(2.0)',\n 'A3(2.2)',\n 'A3(2.3)',\n 'A3(2.4)',\n 'A3(2.5)',\n 'A3(2.6)',\n 'A3(2.7)',\n 'A4(1.0)',\n 'A4(1.1)',\n 'A4(2.0)',\n 'A4(2.1a)',\n 'A4(2.2)',\n 'A4(2.3)',\n 'A5(1.0)',\n 'A5(1.1)',\n 'A5(1.2)',\n 'A5(2.0)',\n 'A5(2.1)',\n 'A5(2.1e)',\n 'A5(3.0)',\n 'A5(3.1a)',\n 'A5(3.1b)',\n 'A5(3.2)',\n 'A5(3.3)' );\n\nforeach af ( affected )\n{\n if( version == af )\n {\n report = report_fixed_ver( installed_version:version, fixed_version: \"A5(3.5)\" );\n security_message( port:0, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );\n\n", "naslFamily": "CISCO", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645293171}}
{"cisco": [{"lastseen": "2022-06-05T10:03:46", "description": "A vulnerability in the SSL/TLS functions of the Cisco ACE30 Application Control Engine Module and the Cisco ACE 4700 Series Application Control Engine Appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device.\n\nThe vulnerability is due to incomplete input validation checks in the SSL/TLS code. An attacker could exploit this vulnerability by sending specific SSL/TLS packets to the affected device. An exploit could allow the attacker to trigger a reload of the affected device.\n\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\n\nThis advisory is available at the following link:\n\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160908-ace[\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160908-ace\"]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-09-08T16:30:00", "type": "cisco", "title": "Cisco ACE30 Application Control Engine Module and Cisco ACE 4710 Application Control Engine Denial of Service Vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6399"], "modified": "2016-10-26T18:16:00", "id": "CISCO-SA-20160908-ACE", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160908-ace", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "cve": [{"lastseen": "2022-03-23T14:54:25", "description": "Cisco ACE30 Application Control Engine Module through A5 3.3 and ACE 4700 Application Control Engine appliances through A5 3.3 allow remote attackers to cause a denial of service (device reload) via crafted (1) SSL or (2) TLS packets, aka Bug ID CSCvb16317.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-09-12T10:59:00", "type": "cve", "title": "CVE-2016-6399", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6399"], "modified": "2016-11-28T20:32:00", "cpe": ["cpe:/h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(2.1\\)", "cpe:/a:cisco:ace_application_control_engine_module_a4:2.2", "cpe:/a:cisco:ace_application_control_engine_module_a3:2.6", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.7", "cpe:/a:cisco:ace_application_control_engine_module_a3:2.0", "cpe:/a:cisco:ace_application_control_engine_module_a4:2.3", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a5:3.1a", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.0", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(2.1e\\)", "cpe:/a:cisco:ace_application_control_engine_module_a4:1.0", "cpe:/a:cisco:ace_application_control_engine_module_a5:3.3", "cpe:/a:cisco:ace_application_control_engine_module_a1:7b", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance:a5_base", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.4", "cpe:/a:cisco:ace_application_control_engine_module_a1:8.0a", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a3:1.0", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(1.1\\)", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(1.2\\)", "cpe:/a:cisco:ace_application_control_engine_module_a1:8.0", "cpe:/a:cisco:ace_application_control_engine_module_a3:2.7", "cpe:/a:cisco:ace_application_control_engine_module_a5:3.0", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a1:7", "cpe:/a:cisco:ace_application_control_engine_module_a5:1.2", "cpe:/a:cisco:ace_application_control_engine_module_a4:2.1a", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(3.0\\)", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a1:8.0a", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a5:3.3", "cpe:/a:cisco:ace_application_control_engine_module_a5:3.2", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.5", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a4:2.3", "cpe:/a:cisco:ace_application_control_engine_module_a3:2.2", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a5:3.1b", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a1:7b", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a1:7a", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.2", "cpe:/a:cisco:ace_application_control_engine_module_a3:2.4", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a4:1.0", "cpe:/a:cisco:ace_application_control_engine_module_a5:1.0", "cpe:/a:cisco:ace_application_control_engine_module_a5:1.1", "cpe:/a:cisco:ace_application_control_engine_module_a1:7a", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a4:2.2", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a4:1.1", "cpe:/a:cisco:ace_application_control_engine_module_a4:1.1", "cpe:/a:cisco:ace_application_control_engine_module_a5:2.0", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.3", "cpe:/a:cisco:ace_application_control_engine_module_a3:2.5", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a4:2.1a", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a5:3.2", "cpe:/a:cisco:ace_application_control_engine_module_a5:3.1b", "cpe:/a:cisco:ace_application_control_engine_module_a5:3.1a", "cpe:/a:cisco:ace_application_control_engine_module_a5:2.1e", "cpe:/a:cisco:ace_application_control_engine_module_a5:2.1", "cpe:/a:cisco:ace_application_control_engine_module_a3:2.3", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a4:2.0", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.6", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(2.0\\)", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance_a1:8.0", "cpe:/h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(1.0\\)", "cpe:/a:cisco:ace_application_control_engine_module_a4:2.0", "cpe:/a:cisco:ace_application_control_engine_module_a3:1.0"], "id": "CVE-2016-6399", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6399", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:cisco:ace_application_control_engine_module_a5:1.0:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a1:8.0:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a4:2.1a:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(2.1e\\):*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(1.0\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:1.2:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(3.0\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:2.1e:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a4:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a1:7a:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a1:7b:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:2.1:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.3:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a4:1.0:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a4:2.3:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a4:2.3:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a1:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a4:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a4:2.1a:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a5:3.2:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5_base:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:2.7:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:1.0:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.4:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a4:2.0:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a5:3.3:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a1:7b:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a1:7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:3.1b:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a1:7a:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:2.3:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.5:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(1.2\\):*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a1:8.0a:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:2.4:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(2.0\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a4:1.1:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.0:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(2.1\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:2.0:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a5:3.1a:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(1.1\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:3.1a:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a5:3.1b:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a4:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a1:8.0a:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:1.0:*:*:*:*:*:*:*", "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a4:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a4:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:3.3:*:*:*:*:*:*:*"]}]}
Cisco ACE 4710 Application Control Engine Denial of Service Vulnerability
