CVE-2016-1424Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco IOS

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents5 sources
Severity
6.5MEDIUMNVD
EPSS
0.2%
top 52.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedJun 19
Latest updateMay 17

Description

Cisco IOS 15.2(1)T1.11 and 15.2(2)TST allows remote attackers to cause a denial of service (device crash) via a crafted LLDP packet, aka Bug ID CSCun63132.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

NVDcisco/ios15.2\(1\)t1.11, 15.2\(2\)tst+1

🔴Vulnerability Details

2
GHSA
GHSA-2h46-7m9w-gh94: Cisco IOS 152022-05-17
CVEList
CVE-2016-1424: Cisco IOS 152016-06-19

📋Vendor Advisories

1
Cisco
Cisco IOS Software Link Layer Discovery Protocol Processing Code Denial of Service Vulnerability2016-06-17

💬Community

1
Bugzilla
CVE-2016-0734 activemq: Clickjacking in Web Console2016-03-14
CVE-2016-1424 — Cisco IOS vulnerability | cvebase