CVE-2016-1426 - Vulnerability Details - OpenCVE

Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service (timer consumption and Route Processor reload) via crafted SSH traffic, aka Bug ID CSCux76819.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Ios Xr Network Convergence System 6000

Configuration 1 [-]

AND

cpe:2.3:h:cisco:network_convergence_system_6000:-:*:*:*:*:*:*:*

OR	cpe:2.3:o:cisco:ios_xr:5.0.0:::::::*
	cpe:2.3:o:cisco:ios_xr:5.0.1:::::::*
	cpe:2.3:o:cisco:ios_xr:5.0_base:::::::*
	cpe:2.3:o:cisco:ios_xr:5.1.0:::::::*
	cpe:2.3:o:cisco:ios_xr:5.1.1:::::::*
	cpe:2.3:o:cisco:ios_xr:5.1.1.k9sec:::::::*
	cpe:2.3:o:cisco:ios_xr:5.1.2:::::::*
	cpe:2.3:o:cisco:ios_xr:5.1.3:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.0:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.1:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.2:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.3:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.4:::::::*
	cpe:2.3:o:cisco:ios_xr:5.2.5:::::::*

No data.

References

Link	Providers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-ncs6k
http://www.securityfocus.com/bid/91748
http://www.securitytracker.com/id/1036295

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2016-07-15T16:00:00

Updated: 2024-08-05T22:55:14.548Z

Reserved: 2016-01-04T00:00:00

Link: CVE-2016-1426

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2016-07-15T16:59:00.157

Modified: 2025-04-12T10:46:40.837

Link: CVE-2016-1426

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-07-13T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service (timer consumption and Route Processor reload) via crafted SSH traffic, aka Bug ID CSCux76819."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-31T09:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "91748", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/91748"}, {"name": "20160713 Cisco IOS XR for NCS 6000 Packet Timer Leak Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-ncs6k"}, {"name": "1036295", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1036295"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2016-1426", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service (timer consumption and Route Processor reload) via crafted SSH traffic, aka Bug ID CSCux76819."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "91748", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91748"}, {"name": "20160713 Cisco IOS XR for NCS 6000 Packet Timer Leak Denial of Service Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-ncs6k"}, {"name": "1036295", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036295"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:55:14.548Z"}, "title": "CVE Program Container", "references": [{"name": "91748", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/91748"}, {"name": "20160713 Cisco IOS XR for NCS 6000 Packet Timer Leak Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-ncs6k"}, {"name": "1036295", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1036295"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2016-1426", "datePublished": "2016-07-15T16:00:00", "dateReserved": "2016-01-04T00:00:00", "dateUpdated": "2024-08-05T22:55:14.548Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:network_convergence_system_6000:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC9F2F14-8466-4093-9FB2-2831BDDF9C2E", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xr:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F7620A88-C4B3-4184-846F-1E3FD8A751EB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "96BFB5A5-EF04-4334-9A62-558A375DE768", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.0_base:*:*:*:*:*:*:*", "matchCriteriaId": "E833219C-7887-4A1C-B616-CDB1AFD7A366", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9839DC3C-8B8A-49D5-9E50-BB7C4BCE5878", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "12A14B46-0EC9-4FE4-AD28-F0F7861465B1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.1.1.k9sec:*:*:*:*:*:*:*", "matchCriteriaId": "C754F1D8-81E5-45BB-A4E1-1F9D773F2979", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "61C1B066-9DED-46D7-9DF7-AB55DF01B80F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "53E2D669-70EA-455E-BC9C-E97065502DD1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "DE1DFA18-E6D7-4F1D-8D9B-70323B2983AC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "95175A2E-14DB-4730-93EA-2291ED7E0DFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "AB5452CA-E4DF-49FD-A677-3F6257F14707", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "E5EFC65A-C469-4267-9C0B-DD25E2E8C0F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "7DABC2A4-B161-4597-B053-0ECEFCCDD89F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:5.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "A0B5C0F4-1BEC-4B54-ABF0-948CFF80E5E0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service (timer consumption and Route Processor reload) via crafted SSH traffic, aka Bug ID CSCux76819."}, {"lang": "es", "value": "Cisco IOS XR 5.x hasta la versi\u00f3n 5.2.5 en dispositivos NCS 6000 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo del temporizador y recarga de Route Processor) a trav\u00e9s de tr\u00e1fico SSH manipulado, tambi\u00e9n conocido como Bug ID CSCux76819."}], "id": "CVE-2016-1426", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-07-15T16:59:00.157", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-ncs6k"}, {"source": "psirt@cisco.com", "url": "http://www.securityfocus.com/bid/91748"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id/1036295"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-ncs6k"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/91748"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1036295"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}