8.3
CVE-2016-6380
- EPSS 1.67%
- Veröffentlicht 05.10.2016 20:59:04
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
LoginThe DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (data corruption or device reload) via a crafted DNS response, aka Bug ID CSCup90532.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Ios Xe 3.2ja Version3.2.0ja
Cisco ≫ Ios Xe 3.3sg Version3.3.0sg
Cisco ≫ Ios Xe 3.3sg Version3.3.1sg
Cisco ≫ Ios Xe 3.3sg Version3.3.2sg
Cisco ≫ Ios Xe 3.3xo Version3.3.0xo
Cisco ≫ Ios Xe 3.3xo Version3.3.1xo
Cisco ≫ Ios Xe 3.3xo Version3.3.2xo
Cisco ≫ Ios Xe 3.4sg Version3.4.0sg
Cisco ≫ Ios Xe 3.4sg Version3.4.1sg
Cisco ≫ Ios Xe 3.4sg Version3.4.2sg
Cisco ≫ Ios Xe 3.4sg Version3.4.3sg
Cisco ≫ Ios Xe 3.4sg Version3.4.4sg
Cisco ≫ Ios Xe 3.4sg Version3.4.5sg
Cisco ≫ Ios Xe 3.4sg Version3.4.6sg
Cisco ≫ Ios Xe 3.4sg Version3.4.7sg
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.67% | 0.815 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.1 | 2.2 | 5.9 |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 8.3 | 8.6 | 8.5 |
AV:N/AC:M/Au:N/C:P/I:P/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.