CVE-2016-1348

CWE-3995 documents5 sources

Severity

7.5HIGH

EPSS

0.5%

top 33.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netgear Jr6150 Firmware Zyxel Gs1900-10hp Firmware Cisco IOS XE +3 more

Timeline

PublishedMar 26

Latest updateMay 17

Description

Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages6 packages

▶NVDcisco/ios_xe77 versions+76

▶NVDnetgear/jr6150_firmware< 2017-01-06

▶NVDzyxel/gs1900-10hp_firmware< 2.50\(aazi.0\)c0

▶NVDsun/opensolarissnv_124

▶NVDsamsung/x14j_firmwaret-ms14jakucb-1102.5

🔴Vulnerability Details

GHSA

GHSA-6wg9-4x75-m2rq: Cisco IOS 15↗2022-05-17

▶

CVEList

CVE-2016-1348: Cisco IOS 15↗2016-03-26

▶

📋Vendor Advisories

Cisco

Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability↗2016-03-23

▶

💬Community

Bugzilla

CVE-2016-4471 cfme: Privilege escalation causing arbitrary code execution↗2016-05-30

▶