CVE-2016-1350

CWE-3995 documents5 sources
Severity
7.5HIGH
EPSS
2.4%
top 14.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Lenovo Thinkcentre E75s FirmwareZyxel Gs1900-10hp FirmwareCisco IOS XE+3 more
Timeline
PublishedMar 26
Latest updateMay 17

Description

Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages6 packages

NVDcisco/ios_xe13 versions+12
NVDzyxel/gs1900-10hp_firmware< 2.50\(aazi.0\)c0
NVDsun/opensolarissnv_124
NVDsamsung/x14j_firmwaret-ms14jakucb-1102.5

🔴Vulnerability Details

2
GHSA
GHSA-3rf4-wqcv-f4q7: Cisco IOS 152022-05-17
CVEList
CVE-2016-1350: Cisco IOS 152016-03-26

📋Vendor Advisories

1
Cisco
Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability2016-03-23

🕵️Threat Intelligence

1
Unit42
Threat Brief: Microsoft DNS Server Wormable Vulnerability CVE-2020-13502020-07-21