Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCiscoCVE-2016-6438
HistoryOct 27, 2016 - 9:59 p.m.

CVE-2016-6438

2016-10-2721:59:09
CWE-264
cisco
web.nvd.nist.gov
27
4
cisco
vulnerability
cve-2016-6438
ios xe
cbr-8
broadband routers
remote attacker
configuration integrity

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

68.4%

JSON

A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line configuration on an affected device. This vulnerability affects the following releases of Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers: All 3.16S releases, All 3.17S releases, Release 3.18.0S, Release 3.18.1S, Release 3.18.0SP. More Information: CSCuz62815. Known Affected Releases: 15.5(3)S2.9, 15.6(2)SP. Known Fixed Releases: 15.6(1.7)SP1, 16.4(0.183), 16.5(0.1).

Affected configurations

Nvd
Node
ciscoios_xeMatch3.16.0cs
OR
ciscoios_xeMatch3.16.0s
OR
ciscoios_xeMatch3.16.1as
OR
ciscoios_xeMatch3.16.1s
OR
ciscoios_xeMatch3.16.2as
OR
ciscoios_xeMatch3.16.2bs
OR
ciscoios_xeMatch3.16.2s
OR
ciscoios_xeMatch3.16.3as
OR
ciscoios_xeMatch3.16.3s
OR
ciscoios_xeMatch3.16.4s
OR
ciscoios_xeMatch3.17.0s
OR
ciscoios_xeMatch3.17.1as
OR
ciscoios_xeMatch3.17.1s
OR
ciscoios_xeMatch3.17.2s
OR
ciscoios_xeMatch3.18.0s
OR
ciscoios_xeMatch3.18.0sp
OR
ciscoios_xeMatch3.18.1s
VendorProductVersionCPE
ciscoios_xe3.16.0cscpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*
ciscoios_xe3.16.0scpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*
ciscoios_xe3.16.1ascpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*
ciscoios_xe3.16.1scpe:2.3:o:cisco:ios_xe:3.16.1s:*:*:*:*:*:*:*
ciscoios_xe3.16.2ascpe:2.3:o:cisco:ios_xe:3.16.2as:*:*:*:*:*:*:*
ciscoios_xe3.16.2bscpe:2.3:o:cisco:ios_xe:3.16.2bs:*:*:*:*:*:*:*
ciscoios_xe3.16.2scpe:2.3:o:cisco:ios_xe:3.16.2s:*:*:*:*:*:*:*
ciscoios_xe3.16.3ascpe:2.3:o:cisco:ios_xe:3.16.3as:*:*:*:*:*:*:*
ciscoios_xe3.16.3scpe:2.3:o:cisco:ios_xe:3.16.3s:*:*:*:*:*:*:*
ciscoios_xe3.16.4scpe:2.3:o:cisco:ios_xe:3.16.4s:*:*:*:*:*:*:*
Rows per page:
1-10 of 171

CNA Affected

[
  {
    "product": "Cisco IOS XE 3.16S, 3.17S, 3.18.0S, 3.18.1S, 3.18.0SP",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco IOS XE 3.16S, 3.17S, 3.18.0S, 3.18.1S, 3.18.0SP"
      }
    ]
  }
]

Social References

More

Related

nvd 1
cvelist 1
prion 1
cisco 1
openvas 1
nvd
nvd
CVE-2016-6438
2016-10-27 21:59:09
cvelist
cvelist
CVE-2016-6438
2016-10-27 21:00:00
prion
prion
Design/Logic Flaw
2016-10-27 21:59:00
cisco
cisco
Cisco cBR-8 Converged Broadband Router vty Integrity Vulnerability
2016-10-12 16:00:00
openvas
openvas
Cisco cBR-8 Converged Broadband Router vty Integrity Vulnerability
2016-10-14 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

68.4%

JSON
Related for CVE-2016-6438
nvd1cvelist1prion1cisco1openvas1