7.8

CVE-2016-6385

Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoIos Xe Version3.2.0ja
CiscoIos Xe Version3.2.0se
CiscoIos Xe Version3.2.1se
CiscoIos Xe Version3.2.2se
CiscoIos Xe Version3.2.3se
CiscoIos Xe Version3.3.0se
CiscoIos Xe Version3.3.0xo
CiscoIos Xe Version3.3.1se
CiscoIos Xe Version3.3.1xo
CiscoIos Xe Version3.3.2se
CiscoIos Xe Version3.3.2xo
CiscoIos Xe Version3.3.3se
CiscoIos Xe Version3.3.4se
CiscoIos Xe Version3.3.5se
CiscoIos Xe Version3.5.0e
CiscoIos Xe Version3.5.1e
CiscoIos Xe Version3.5.2e
CiscoIos Xe Version3.5.3e
CiscoIos Xe Version3.6.0e
CiscoIos Xe Version3.6.1e
CiscoIos Xe Version3.6.2ae
CiscoIos Xe Version3.6.2e
CiscoIos Xe Version3.6.3e
CiscoIos Xe Version3.6.4e
CiscoIos Xe Version3.7.0e
CiscoIos Xe Version3.7.1e
CiscoIos Xe Version3.7.2e
CiscoIos Xe Version3.7.3e
CiscoIos Xe Version3.7.5e
CiscoIos Xe Version3.8.0e
CiscoIos Xe Version3.8.1e
CiscoIos Xe Version3.8.2e
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.49% 0.871
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
https://ics-cert.us-cert.gov/advisories/ICSA-16-287-04
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/93203
Third Party Advisory
VDB Entry