CVE-2016-1425 β€” Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco IOS

CWE-119 β€” Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.9%
top 24.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedJul 3
Latest updateMay 17

Description

Cisco IOS 15.0(2)SG5, 15.1(2)SG3, 15.2(1)E, 15.3(3)S, and 15.4(1.13)S allows remote attackers to cause a denial of service (device crash) via a crafted LLDP packet, aka Bug ID CSCun66735.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

β–ΆNVDcisco/ios5 versions+4

πŸ”΄Vulnerability Details

2
GHSA
GHSA-6vgp-m9h9-xgw2: Cisco IOS 15β†—2022-05-17
β–Ά
CVEList
CVE-2016-1425: Cisco IOS 15β†—2016-07-03
β–Ά

πŸ“‹Vendor Advisories

1
Cisco
Cisco IOS Software Link Layer Discovery Protocol Processing Code Denial of Service Vulnerability↗2016-06-17
β–Ά
CVE-2016-1425 β€” Cisco IOS vulnerability | cvebase