CVE-2016-1347Cisco IOS vulnerability

CWE-3994 documents4 sources
Severity
7.5HIGHNVD
EPSS
4.3%
top 11.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedMar 24
Latest updateMay 17

Description

The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment, aka Bug ID CSCuq59708.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDcisco/ios33 versions+32

🔴Vulnerability Details

2
GHSA
GHSA-9qwf-m3jp-25jm: The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 152022-05-17
CVEList
CVE-2016-1347: The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 152016-03-24

📋Vendor Advisories

1
Cisco
Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability2016-03-23
CVE-2016-1347 — Cisco IOS vulnerability | cvebase