Search...

Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability

2016-09-29T00:00:00

ID OPENVAS:1361412562310106304
Type openvas
Reporter This script is Copyright (C) 2016 Greenbone Networks GmbH
Modified 2019-10-09T00:00:00

Description

A vulnerability in the IPv4 fragment reassembly function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
#
# Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability
#
# Authors:
# Christian Kuersteiner &lt;christian.kuersteiner@greenbone.net&gt;
#
# Copyright:
# Copyright (c) 2016 Greenbone Networks GmbH
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

CPE = "cpe:/o:cisco:ios_xe";

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.106304");
  script_cve_id("CVE-2016-6386");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_version("2019-10-09T06:43:33+0000");

  script_name("Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability");

  script_xref(name:"URL", value:"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-frag");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"solution", value:"See the referenced vendor advisory for a solution.");

  script_tag(name:"summary", value:"A vulnerability in the IPv4 fragment reassembly function of Cisco IOS XE
Software could allow an unauthenticated, remote attacker to cause an affected device to reload.");

  script_tag(name:"insight", value:"The vulnerability is due to the corruption of an internal data structure
that occurs when the affected software reassembles an IPv4 packet. An attacker could exploit this vulnerability
by sending crafted IPv4 fragments to an affected device.");

  script_tag(name:"impact", value:"A successful exploit could allow the attacker to cause the device to reload,
resulting in a denial of service (DoS) condition.");

  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  script_tag(name:"last_modification", value:"2019-10-09 06:43:33 +0000 (Wed, 09 Oct 2019)");
  script_tag(name:"creation_date", value:"2016-09-29 14:49:44 +0700 (Thu, 29 Sep 2016)");
  script_category(ACT_GATHER_INFO);
  script_family("CISCO");
  script_copyright("This script is Copyright (C) 2016 Greenbone Networks GmbH");
  script_dependencies("gb_cisco_ios_xe_version.nasl");
  script_mandatory_keys("cisco_ios_xe/version");
  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if( ! version = get_app_version( cpe:CPE ) ) exit( 0 );

affected = make_list(
  '3.2.0JA',
  '3.8.0E',
  '3.8.1E',
  '3.8.0EX',
  '3.1.3a.S',
  '3.1.0S',
  '3.1.1S',
  '3.1.2S',
  '3.1.4S',
  '3.1.4a.S',
  '3.1.0SG',
  '3.1.1SG',
  '3.2.1S',
  '3.2.2S',
  '3.2.0SE',
  '3.2.1SE',
  '3.2.2SE',
  '3.2.3SE',
  '3.2.0SG',
  '3.2.1SG',
  '3.2.2SG',
  '3.2.3SG',
  '3.2.4SG',
  '3.2.5SG',
  '3.2.6SG',
  '3.2.7SG',
  '3.2.8SG',
  '3.2.9SG',
  '3.2.10SG',
  '3.2.0XO',
  '3.3.0S',
  '3.3.1S',
  '3.3.2S',
  '3.3.0SE',
  '3.3.1SE',
  '3.3.2SE',
  '3.3.3SE',
  '3.3.4SE',
  '3.3.5SE',
  '3.3.0SG',
  '3.3.1SG',
  '3.3.2SG',
  '3.3.0SQ',
  '3.3.1SQ',
  '3.3.0XO',
  '3.3.1XO',
  '3.3.2XO',
  '3.4.0S',
  '3.4.0a.S',
  '3.4.1S',
  '3.4.2S',
  '3.4.3S',
  '3.4.4S',
  '3.4.5S',
  '3.4.6S',
  '3.4.0SG',
  '3.4.1SG',
  '3.4.2SG',
  '3.4.3SG',
  '3.4.4SG',
  '3.4.5SG',
  '3.4.6SG',
  '3.4.7SG',
  '3.4.0SQ',
  '3.4.1SQ',
  '3.5.0E',
  '3.5.1E',
  '3.5.2E',
  '3.5.3E',
  '3.5.0S',
  '3.5.1S',
  '3.5.2S',
  '3.5.1SQ',
  '3.5.2SQ',
  '3.5.3SQ',
  '3.5.0SQ',
  '3.6.4E',
  '3.6.0E',
  '3.6.1E',
  '3.6.2a.E',
  '3.6.2E',
  '3.6.3E',
  '3.6.0S',
  '3.6.1S',
  '3.6.2S',
  '3.7.3E',
  '3.7.1E',
  '3.7.2E',
  '3.7.0S',
  '3.7.1S',
  '3.7.2S',
  '3.7.2t.S',
  '3.7.3S',
  '3.7.4S',
  '3.7.4a.S',
  '3.7.5S',
  '3.7.6S',
  '3.8.0S',
  '3.8.1S',
  '3.8.2S',
  '3.9.0S',
  '3.9.0a.S',
  '3.9.1S',
  '3.9.1a.S',
  '3.9.2S',
  '3.10.0S',
  '3.10.1S',
  '3.10.1xb.S',
  '3.10.2S',
  '3.10.3S',
  '3.10.4S',
  '3.10.5S',
  '3.10.6S',
  '3.10.7S',
  '3.11.0S',
  '3.11.1S',
  '3.11.2S',
  '3.11.3S',
  '3.11.4S',
  '3.12.0S',
  '3.12.0a.S',
  '3.12.1S',
  '3.12.4S',
  '3.12.2S',
  '3.12.3S',
  '3.13.2a.S',
  '3.13.0S',
  '3.13.0a.S',
  '3.13.1S',
  '3.13.2S',
  '3.13.3S',
  '3.13.4S',
  '3.14.0S',
  '3.14.1S',
  '3.14.2S',
  '3.14.3S',
  '3.15.1c.S',
  '3.15.0S',
  '3.15.1S',
  '3.15.2S',
  '3.17.0S',
  '16.1.3',
  '16.1.1',
  '16.1.2',
  '3.16.0S',
  '3.16.0c.S',
  '3.16.1S',
  '3.16.1a.S' );

foreach af ( affected )
{
  if( version == af )
  {
    report = report_fixed_ver(  installed_version:version, fixed_version: "See advisory" );
    security_message( port:0, data:report );
    exit( 0 );
  }
}

exit( 99 );

JSON Vulners Source

Initial Source

{"id": "OPENVAS:1361412562310106304", "type": "openvas", "bulletinFamily": "scanner", "title": "Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability", "description": "A vulnerability in the IPv4 fragment reassembly function of Cisco IOS XE\nSoftware could allow an unauthenticated, remote attacker to cause an affected device to reload.", "published": "2016-09-29T00:00:00", "modified": "2019-10-09T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310106304", "reporter": "This script is Copyright (C) 2016 Greenbone Networks GmbH", "references": ["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-frag"], "cvelist": ["CVE-2016-6386"], "lastseen": "2019-10-09T15:19:19", "viewCount": 5, "enchantments": {"dependencies": {}, "score": {"value": 6.6, "vector": "NONE"}, "backreferences": {"references": [{"type": "cisco", "idList": ["CISCO-SA-20160928-FRAG"]}, {"type": "cve", "idList": ["CVE-2016-6386"]}, {"type": "nessus", "idList": ["CISCO-SA-20160928-FRAG.NASL"]}]}, "exploitation": null, "vulnersScore": 6.6}, "pluginID": "1361412562310106304", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability\n#\n# Authors:\n# Christian Kuersteiner <christian.kuersteiner@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/o:cisco:ios_xe\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.106304\");\n script_cve_id(\"CVE-2016-6386\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_version(\"2019-10-09T06:43:33+0000\");\n\n script_name(\"Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability\");\n\n script_xref(name:\"URL\", value:\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-frag\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n\n script_tag(name:\"summary\", value:\"A vulnerability in the IPv4 fragment reassembly function of Cisco IOS XE\nSoftware could allow an unauthenticated, remote attacker to cause an affected device to reload.\");\n\n script_tag(name:\"insight\", value:\"The vulnerability is due to the corruption of an internal data structure\nthat occurs when the affected software reassembles an IPv4 packet. An attacker could exploit this vulnerability\nby sending crafted IPv4 fragments to an affected device.\");\n\n script_tag(name:\"impact\", value:\"A successful exploit could allow the attacker to cause the device to reload,\nresulting in a denial of service (DoS) condition.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"2019-10-09 06:43:33 +0000 (Wed, 09 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-09-29 14:49:44 +0700 (Thu, 29 Sep 2016)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"CISCO\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_cisco_ios_xe_version.nasl\");\n script_mandatory_keys(\"cisco_ios_xe/version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) ) exit( 0 );\n\naffected = make_list(\n '3.2.0JA',\n '3.8.0E',\n '3.8.1E',\n '3.8.0EX',\n '3.1.3a.S',\n '3.1.0S',\n '3.1.1S',\n '3.1.2S',\n '3.1.4S',\n '3.1.4a.S',\n '3.1.0SG',\n '3.1.1SG',\n '3.2.1S',\n '3.2.2S',\n '3.2.0SE',\n '3.2.1SE',\n '3.2.2SE',\n '3.2.3SE',\n '3.2.0SG',\n '3.2.1SG',\n '3.2.2SG',\n '3.2.3SG',\n '3.2.4SG',\n '3.2.5SG',\n '3.2.6SG',\n '3.2.7SG',\n '3.2.8SG',\n '3.2.9SG',\n '3.2.10SG',\n '3.2.0XO',\n '3.3.0S',\n '3.3.1S',\n '3.3.2S',\n '3.3.0SE',\n '3.3.1SE',\n '3.3.2SE',\n '3.3.3SE',\n '3.3.4SE',\n '3.3.5SE',\n '3.3.0SG',\n '3.3.1SG',\n '3.3.2SG',\n '3.3.0SQ',\n '3.3.1SQ',\n '3.3.0XO',\n '3.3.1XO',\n '3.3.2XO',\n '3.4.0S',\n '3.4.0a.S',\n '3.4.1S',\n '3.4.2S',\n '3.4.3S',\n '3.4.4S',\n '3.4.5S',\n '3.4.6S',\n '3.4.0SG',\n '3.4.1SG',\n '3.4.2SG',\n '3.4.3SG',\n '3.4.4SG',\n '3.4.5SG',\n '3.4.6SG',\n '3.4.7SG',\n '3.4.0SQ',\n '3.4.1SQ',\n '3.5.0E',\n '3.5.1E',\n '3.5.2E',\n '3.5.3E',\n '3.5.0S',\n '3.5.1S',\n '3.5.2S',\n '3.5.1SQ',\n '3.5.2SQ',\n '3.5.3SQ',\n '3.5.0SQ',\n '3.6.4E',\n '3.6.0E',\n '3.6.1E',\n '3.6.2a.E',\n '3.6.2E',\n '3.6.3E',\n '3.6.0S',\n '3.6.1S',\n '3.6.2S',\n '3.7.3E',\n '3.7.1E',\n '3.7.2E',\n '3.7.0S',\n '3.7.1S',\n '3.7.2S',\n '3.7.2t.S',\n '3.7.3S',\n '3.7.4S',\n '3.7.4a.S',\n '3.7.5S',\n '3.7.6S',\n '3.8.0S',\n '3.8.1S',\n '3.8.2S',\n '3.9.0S',\n '3.9.0a.S',\n '3.9.1S',\n '3.9.1a.S',\n '3.9.2S',\n '3.10.0S',\n '3.10.1S',\n '3.10.1xb.S',\n '3.10.2S',\n '3.10.3S',\n '3.10.4S',\n '3.10.5S',\n '3.10.6S',\n '3.10.7S',\n '3.11.0S',\n '3.11.1S',\n '3.11.2S',\n '3.11.3S',\n '3.11.4S',\n '3.12.0S',\n '3.12.0a.S',\n '3.12.1S',\n '3.12.4S',\n '3.12.2S',\n '3.12.3S',\n '3.13.2a.S',\n '3.13.0S',\n '3.13.0a.S',\n '3.13.1S',\n '3.13.2S',\n '3.13.3S',\n '3.13.4S',\n '3.14.0S',\n '3.14.1S',\n '3.14.2S',\n '3.14.3S',\n '3.15.1c.S',\n '3.15.0S',\n '3.15.1S',\n '3.15.2S',\n '3.17.0S',\n '16.1.3',\n '16.1.1',\n '16.1.2',\n '3.16.0S',\n '3.16.0c.S',\n '3.16.1S',\n '3.16.1a.S' );\n\nforeach af ( affected )\n{\n if( version == af )\n {\n report = report_fixed_ver( installed_version:version, fixed_version: \"See advisory\" );\n security_message( port:0, data:report );\n exit( 0 );\n }\n}\n\nexit( 99 );\n\n", "naslFamily": "CISCO", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645331331}}

{"nessus": [{"lastseen": "2021-08-19T12:18:39", "description": "According to its self-reported version, Cisco IOS XE Software is affected by a denial of service (DoS) vulnerability in the IPv4 fragment reassembly function due to the corruption of an internal data structure that occurs when the affected software reassembles an IPv4 packet. An unauthenticated, remote attacker can exploit this, by sending crafted IPv4 fragments to an affected device, to cause the device to reload and stop responding.\n\nPlease see the included Cisco BIDs and Cisco Security Advisory for more information.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-11-14T00:00:00", "type": "nessus", "title": "Cisco IOS XE Software IP Fragment Reassembly DoS (cisco-sa-20160928-frag)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6386"], "modified": "2021-06-28T00:00:00", "cpe": ["cpe:/o:cisco:ios_xe"], "id": "CISCO-SA-20160928-FRAG.NASL", "href": "https://www.tenable.com/plugins/nessus/130971", "sourceData": "#TRUSTED 34e7cfbecc9ae0c6e40677de95c119af59750079b3f7ad5d6331f34ca7aa6c7958c5ce6d4aadb6729ad611cd3506d199fcc45c32e3f8056264430dd5a4cbd2dc1f4acc51cbfc1085991071bd07ac020a05208fc5d5e3d23e12c8cb2fb0de5b032982c76fa4b5fe60e486d5c0bbd753fe6b18f80b296a45ef396ebd377ac8e66e9666b32d0defce6a356a77b208e61aa1ed33b35e6e16c494f06f261160d74ad8ca66ae1bf206131ddebbe28c00e52e6825101cca5c0e677c8ebf5b468f0a0d3e34617b4e73a773b01dd0452d0fe26151aeae48902f8e67bc42a5beede7ba5cc4617cbee6b919f31c2eb79a1fbec3559e02bdcb27de53d470ce868564baf8104a55133730a23792520c532fa9c00fc8d301210cde26484231c84499755d9553179617d735fb5c06bcca152a2ff4bc70013aeef6c5d925add3dea898478d0bc27de56c979752581f52dd42f3df3e4ca5d1d0e196755d99425a669394f82ee0b12839921982053086a9d0969718034a9b341c910e2dbd3fd38d09c9016b36c73f0dad4d21414add588217518ac4685a62f43ab5da00c41a9d77b146338b61376baa08ed9d4417986c2842fab3a1f66e29d44897ff1317c8b018a44a8af1100420c1fc7ab0f23b59a33ec46b2de3722a7db81b4d672e62668ae2e039044283c96bb7927646e960a0a13395a2795ec94e8c156a809cd09fcaee47cae05bc5f715770e\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130971);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/28\");\n\n script_cve_id(\"CVE-2016-6386\");\n script_bugtraq_id(93202);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCux66005\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20160928-frag\");\n\n script_name(english:\"Cisco IOS XE Software IP Fragment Reassembly DoS (cisco-sa-20160928-frag)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, Cisco IOS XE Software is affected by a denial of service (DoS) vulnerability in\nthe IPv4 fragment reassembly function due to the corruption of an internal data structure that occurs when the affected\nsoftware reassembles an IPv4 packet. An unauthenticated, remote attacker can exploit this, by sending crafted IPv4\nfragments to an affected device, to cause the device to reload and stop responding.\n\nPlease see the included Cisco BIDs and Cisco Security Advisory for more information.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-frag\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?62f9a0ef\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCux66005\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to the relevant fixed version referenced in Cisco bug ID(s) CSCux66005.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-6386\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:ios_xe\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CISCO\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"cisco_ios_xe_version.nasl\");\n script_require_keys(\"Host/Cisco/IOS-XE/Version\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('cisco_workarounds.inc');\ninclude('ccf.inc');\n\nproduct_info = cisco::get_product_info(name:'Cisco IOS XE Software');\n\n# Only 64 bit devices are affected\nshow_ver = get_kb_item('Host/Cisco/show_ver');\nsys_desc = get_kb_item('SNMP/sysDesc');\nif ('X86_64' >!< show_ver && 'X86_64' >!< sys_desc)\n audit(AUDIT_HOST_NOT, 'affected');\n\nversion_list = make_list(\n '3.2.0SG',\n '3.2.1SG',\n '3.2.2SG',\n '3.2.3SG',\n '3.2.4SG',\n '3.2.5SG',\n '3.2.6SG',\n '3.2.7SG',\n '3.2.8SG',\n '3.2.9SG',\n '3.2.10SG',\n '3.7.0S',\n '3.7.1S',\n '3.7.2S',\n '3.7.3S',\n '3.7.4S',\n '3.7.5S',\n '3.7.6S',\n '3.7.7S',\n '3.7.8S',\n '3.7.4aS',\n '3.7.2tS',\n '3.7.0bS',\n '3.7.1aS',\n '3.3.0SG',\n '3.3.2SG',\n '3.3.1SG',\n '3.8.0S',\n '3.8.1S',\n '3.8.2S',\n '3.9.1S',\n '3.9.0S',\n '3.9.2S',\n '3.9.0xaS',\n '3.9.1aS',\n '3.9.0aS',\n '3.2.0SE',\n '3.2.1SE',\n '3.2.2SE',\n '3.2.3SE',\n '3.3.0SE',\n '3.3.1SE',\n '3.3.2SE',\n '3.3.3SE',\n '3.3.4SE',\n '3.3.5SE',\n '3.3.0XO',\n '3.3.1XO',\n '3.3.2XO',\n '3.4.0SG',\n '3.4.2SG',\n '3.4.1SG',\n '3.4.3SG',\n '3.4.4SG',\n '3.4.5SG',\n '3.4.6SG',\n '3.4.7SG',\n '3.5.0E',\n '3.5.1E',\n '3.5.2E',\n '3.5.3E',\n '3.10.0S',\n '3.10.1S',\n '3.10.2S',\n '3.10.3S',\n '3.10.4S',\n '3.10.5S',\n '3.10.6S',\n '3.10.2aS',\n '3.10.2tS',\n '3.10.7S',\n '3.10.1xbS',\n '3.11.1S',\n '3.11.2S',\n '3.11.0S',\n '3.11.3S',\n '3.11.4S',\n '3.12.0S',\n '3.12.1S',\n '3.12.2S',\n '3.12.3S',\n '3.12.0aS',\n '3.12.4S',\n '3.13.0S',\n '3.13.1S',\n '3.13.2S',\n '3.13.3S',\n '3.13.4S',\n '3.13.2aS',\n '3.13.0aS',\n '3.6.0E',\n '3.6.1E',\n '3.6.0aE',\n '3.6.0bE',\n '3.6.2aE',\n '3.6.2E',\n '3.6.3E',\n '3.6.4E',\n '3.14.0S',\n '3.14.1S',\n '3.14.2S',\n '3.14.3S',\n '3.14.4S',\n '3.15.0S',\n '3.15.1S',\n '3.15.2S',\n '3.15.1cS',\n '3.15.2xbS',\n '3.3.0SQ',\n '3.3.1SQ',\n '3.4.0SQ',\n '3.4.1SQ',\n '3.7.0E',\n '3.7.1E',\n '3.7.2E',\n '3.7.3E',\n '3.5.0SQ',\n '3.5.1SQ',\n '3.5.2SQ',\n '3.5.3SQ',\n '3.5.4SQ',\n '3.5.5SQ',\n '3.5.6SQ',\n '3.16.0S',\n '3.16.1S',\n '3.16.0aS',\n '3.16.1aS',\n '3.16.0cS',\n '3.17.0S',\n '16.1.1',\n '16.1.2',\n '16.1.3',\n '3.2.0JA',\n '3.8.0E',\n '3.8.1E',\n '3.18.3bSP'\n);\n\nreporting = make_array(\n 'port' , product_info['port'], \n 'severity' , SECURITY_HOLE,\n 'version' , product_info['version'],\n 'bug_id' , 'CSCux66005',\n 'cmds' , make_list('show version'),\n 'disable_caveat', TRUE\n);\n\ncisco::check_and_report(product_info:product_info, reporting:reporting, vuln_versions:version_list);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "cisco": [{"lastseen": "2022-03-23T01:47:45", "description": "A vulnerability in the IPv4 fragment reassembly function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload.\n\nThe vulnerability is due to the corruption of an internal data structure that occurs when the affected software reassembles an IPv4 packet. An attacker could exploit this vulnerability by sending crafted IPv4 fragments to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.\n\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\n\nThis advisory is available at the following link:\n\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-frag[\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-frag\"]\n\nThis advisory is part of the September 28, 2016, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 10 Cisco Security Advisories that describe 11 vulnerabilities. All the vulnerabilities have a Security Impact Rating of \u201cHigh.\u201d For a complete list of the advisories and links to them, see Cisco Event Response: September 2016 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication[\"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56513\"].", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-09-28T16:00:00", "type": "cisco", "title": "Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6386"], "modified": "2016-09-28T16:00:00", "id": "CISCO-SA-20160928-FRAG", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-frag", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "cve": [{"lastseen": "2022-03-23T14:54:08", "description": "Cisco IOS XE 3.1 through 3.17 and 16.1 on 64-bit platforms allows remote attackers to cause a denial of service (data-structure corruption and device reload) via fragmented IPv4 packets, aka Bug ID CSCux66005.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-10-05T17:59:00", "type": "cve", "title": "CVE-2016-6386", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6386"], "modified": "2020-09-29T12:14:00", "cpe": ["cpe:/o:cisco:ios_xe:3.13.3s", "cpe:/o:cisco:ios_xe:3.6.4e", "cpe:/o:cisco:ios_xe:3.1.3as", "cpe:/o:cisco:ios_xe:3.2.1s", "cpe:/o:cisco:ios_xe:3.1.2s", "cpe:/o:cisco:ios_xe_3.4sg:3.4.7sg", "cpe:/o:cisco:ios_xe:3.8.0s", "cpe:/o:cisco:ios_xe:3.3.4se", "cpe:/o:cisco:ios_xe:3.3.0se", "cpe:/o:cisco:ios_xe:3.1.1s", "cpe:/o:cisco:ios_xe:3.5.1sq", "cpe:/o:cisco:ios_xe:3.11.4s", "cpe:/o:cisco:ios_xe:3.4.2s", "cpe:/o:cisco:ios_xe:3.13.2s", "cpe:/o:cisco:ios_xe:3.7.3e", "cpe:/o:cisco:ios_xe:3.6.1e", "cpe:/o:cisco:ios_xe:3.15.2s", "cpe:/o:cisco:ios_xe:3.13.0s", "cpe:/o:cisco:ios_xe:3.13.0as", "cpe:/o:cisco:ios_xe:3.9.0as", "cpe:/o:cisco:ios_xe:3.12.0s", "cpe:/o:cisco:ios_xe:3.12.4s", "cpe:/o:cisco:ios_xe:3.12.1s", "cpe:/o:cisco:ios_xe:3.7.2ts", "cpe:/o:cisco:ios_xe:3.7.2e", "cpe:/o:cisco:ios_xe:3.4.6s", "cpe:/o:cisco:ios_xe:3.12.2s", "cpe:/o:cisco:ios_xe:3.5.3sq", "cpe:/o:cisco:ios_xe:3.13.4s", "cpe:/o:cisco:ios_xe:3.2.1se", "cpe:/o:cisco:ios_xe:3.3.1se", "cpe:/o:cisco:ios_xe:3.3.0sq", "cpe:/o:cisco:ios_xe_3.2ja:3.2.0ja", "cpe:/o:cisco:ios_xe:3.5.2e", "cpe:/o:cisco:ios_xe:3.3.5se", "cpe:/o:cisco:ios_xe:3.4.0sq", "cpe:/o:cisco:ios_xe:3.10.7s", "cpe:/o:cisco:ios_xe:3.14.1s", "cpe:/o:cisco:ios_xe_3.4sg:3.4.0sg", "cpe:/o:cisco:ios_xe:3.8.1s", "cpe:/o:cisco:ios_xe:3.3.1s", "cpe:/o:cisco:ios_xe:3.5.2sq", "cpe:/o:cisco:ios_xe:3.9.0s", "cpe:/o:cisco:ios_xe:3.17.0s", "cpe:/o:cisco:ios_xe:3.5.2s", "cpe:/o:cisco:ios_xe:3.14.2s", "cpe:/o:cisco:ios_xe_3.4sg:3.4.2sg", "cpe:/o:cisco:ios_xe:3.1.4as", "cpe:/o:cisco:ios_xe_3.3xo:3.3.2xo", "cpe:/o:cisco:ios_xe:3.3.2s", "cpe:/o:cisco:ios_xe:3.9.1as", "cpe:/o:cisco:ios_xe:3.16.1s", "cpe:/o:cisco:ios_xe:3.7.4as", "cpe:/o:cisco:ios_xe_3.4sg:3.4.4sg", "cpe:/o:cisco:ios_xe:3.4.1s", "cpe:/o:cisco:ios_xe:3.11.2s", "cpe:/o:cisco:ios_xe_3.3sg:3.3.1sg", "cpe:/o:cisco:ios_xe:3.1.0sg", "cpe:/o:cisco:ios_xe:3.6.2ae", "cpe:/o:cisco:ios_xe:3.5.3e", "cpe:/o:cisco:ios_xe:3.6.2e", "cpe:/o:cisco:ios_xe_3.4sg:3.4.3sg", "cpe:/o:cisco:ios_xe:3.10.3s", "cpe:/o:cisco:ios_xe:3.4.4s", "cpe:/o:cisco:ios_xe:3.10.2s", "cpe:/o:cisco:ios_xe:3.6.1s", "cpe:/o:cisco:ios_xe:3.6.0e", "cpe:/o:cisco:ios_xe:3.3.1sq", "cpe:/o:cisco:ios_xe:3.10.4s", "cpe:/o:cisco:ios_xe:3.5.1e", "cpe:/o:cisco:ios_xe:3.4.1sq", "cpe:/o:cisco:ios_xe:3.10.1xbs", "cpe:/o:cisco:ios_xe:3.14.3s", "cpe:/o:cisco:ios_xe:3.7.2s", "cpe:/o:cisco:ios_xe:3.8.0ex", "cpe:/o:cisco:ios_xe:3.3.3se", "cpe:/o:cisco:ios_xe:3.4.0s", "cpe:/o:cisco:ios_xe:3.4.3s", "cpe:/o:cisco:ios_xe:3.11.0s", "cpe:/o:cisco:ios_xe:3.15.0s", "cpe:/o:cisco:ios_xe:3.5.0sq", "cpe:/o:cisco:ios_xe:3.1.4s", "cpe:/o:cisco:ios_xe_3.4sg:3.4.6sg", "cpe:/o:cisco:ios_xe:3.2.2se", "cpe:/o:cisco:ios_xe:3.10.0s", "cpe:/o:cisco:ios_xe:3.2.3se", "cpe:/o:cisco:ios_xe:3.6.0s", "cpe:/o:cisco:ios_xe_3.3xo:3.3.1xo", "cpe:/o:cisco:ios_xe:3.8.2s", "cpe:/o:cisco:ios_xe:3.7.0s", "cpe:/o:cisco:ios_xe:3.3.2se", "cpe:/o:cisco:ios_xe:3.7.6s", "cpe:/o:cisco:ios_xe:3.3.0s", "cpe:/o:cisco:ios_xe:3.15.1cs", "cpe:/o:cisco:ios_xe:3.8.0e", "cpe:/o:cisco:ios_xe:3.7.3s", "cpe:/o:cisco:ios_xe:3.2.2s", "cpe:/o:cisco:ios_xe:3.4.0as", "cpe:/o:cisco:ios_xe:3.13.1s", "cpe:/o:cisco:ios_xe:3.14.0s", "cpe:/o:cisco:ios_xe:3.5.1s", "cpe:/o:cisco:ios_xe:3.12.0as", "cpe:/o:cisco:ios_xe:3.13.2as", "cpe:/o:cisco:ios_xe:3.16.0s", "cpe:/o:cisco:ios_xe_3.3sg:3.3.0sg", "cpe:/o:cisco:ios_xe:3.16.1as", "cpe:/o:cisco:ios_xe_3.3sg:3.3.2sg", "cpe:/o:cisco:ios_xe:3.10.6s", "cpe:/o:cisco:ios_xe:3.12.3s", "cpe:/o:cisco:ios_xe_3.3xo:3.3.0xo", "cpe:/o:cisco:ios_xe:3.4.5s", "cpe:/o:cisco:ios_xe:3.11.3s", "cpe:/o:cisco:ios_xe_16.1:16.1.2", "cpe:/o:cisco:ios_xe:3.11.1s", "cpe:/o:cisco:ios_xe_3.4sg:3.4.1sg", "cpe:/o:cisco:ios_xe:3.15.1s", "cpe:/o:cisco:ios_xe:3.9.1s", "cpe:/o:cisco:ios_xe:3.7.5s", "cpe:/o:cisco:ios_xe:3.16.0cs", "cpe:/o:cisco:ios_xe:3.7.4s", "cpe:/o:cisco:ios_xe_3.4sg:3.4.5sg", "cpe:/o:cisco:ios_xe:3.7.1s", "cpe:/o:cisco:ios_xe:3.6.3e", "cpe:/o:cisco:ios_xe:3.8.1e", "cpe:/o:cisco:ios_xe:3.10.5s", "cpe:/o:cisco:ios_xe:3.10.1s", "cpe:/o:cisco:ios_xe:3.7.1e", "cpe:/o:cisco:ios_xe:3.6.2s", "cpe:/o:cisco:ios_xe:3.5.0s", "cpe:/o:cisco:ios_xe:3.5.0e", "cpe:/o:cisco:ios_xe:3.9.2s", "cpe:/o:cisco:ios_xe:3.2.0se", "cpe:/o:cisco:ios_xe:3.1.0s", "cpe:/o:cisco:ios_xe:3.1.1sg"], "id": "CVE-2016-6386", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6386", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:cisco:ios_xe:3.7.6s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.3sg:3.3.1sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.4as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.9.0as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.2e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.4s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.3xo:3.3.2xo:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.3xo:3.3.0xo:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.5sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.1e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.1e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.3.1sq:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.3.4se:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.3sg:3.3.0sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.3.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.0as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.9.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.5s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.2ae:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.0as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.0sq:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.6sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.7sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.1.3as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.2ts:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.3.1se:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.11.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.1.0sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.1sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.12.0as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.3.2se:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.4s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.11.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.1e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.8.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.3e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.1sq:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.5s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.9.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.2.1se:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.1.4s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.3e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.8.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.0sq:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.4e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.12.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.8.0e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.16.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.6s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.0sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.7s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.3sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.2.3se:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.3e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.11.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.1xbs:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.4s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.4s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.1.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.1.1sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.11.4s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.2ja:3.2.0ja:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.12.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.3sq:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.3xo:3.3.1xo:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.3.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.6s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.2e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.1.4as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.4.5s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.2sq:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.3sg:3.3.2sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.3.0sq:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.2.2se:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.11.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.9.1as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.2.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.2e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.0e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.12.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.7.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.8.0ex:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.1.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.2.0se:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_16.1:16.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.8.1e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.3.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.10.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.1sq:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.3.0se:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.8.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.4sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.12.4s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.13.2as:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.1.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe_3.4sg:3.4.2sg:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.3.3se:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.12.3s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.3.5se:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.9.2s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.2.1s:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.6.0e:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:ios_xe:3.5.0s:*:*:*:*:*:*:*"]}]}