CVE-2016-8203 - Vulnerability Details - OpenCVE

A memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXs 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00, and 6.0.00a images could allow attackers to cause a denial of service (line card reset) via certain constructed IPsec control packets.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Brocade	Netiron Os

Configuration 1 [-]

OR	cpe:2.3:o:brocade:netiron_os::::::::
	cpe:2.3:o:brocade:netiron_os::::::::
	cpe:2.3:o:brocade:netiron_os:6.0.00:::::::*
	cpe:2.3:o:brocade:netiron_os:6.0.00a:::::::*

No data.

References

Link	Providers
http://www.brocade.com/en/backend-content/pdf-page.html?/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-168.pdf
http://www.securityfocus.com/bid/94232
http://www.securitytracker.com/id/1037010

History

No history.

MITRE

Status: PUBLISHED

Assigner: brocade

Published: 2016-10-31T21:00:00

Updated: 2024-08-06T02:13:21.822Z

Reserved: 2016-09-13T00:00:00

Link: CVE-2016-8203

Vulnrichment

No data.

NVD

Status : Modified

Published: 2016-10-31T21:59:00.207

Modified: 2024-11-21T02:58:59.087

Link: CVE-2016-8203

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Brocade MLX running on NetIron OS All Brocade MLX Line Cards running NetIron OS 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00 and 6.0.00a images", "vendor": "n/a", "versions": [{"status": "affected", "version": "Brocade MLX running on NetIron OS All Brocade MLX Line Cards running NetIron OS 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00 and 6.0.00a images"}]}], "datePublic": "2016-10-31T00:00:00", "descriptions": [{"lang": "en", "value": "A memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXs 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00, and 6.0.00a images could allow attackers to cause a denial of service (line card reset) via certain constructed IPsec control packets."}], "problemTypes": [{"descriptions": [{"description": "Memory Corruption", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T09:57:01", "orgId": "87b297d7-335e-4844-9551-11b97995a791", "shortName": "brocade"}, "references": [{"name": "94232", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/94232"}, {"name": "1037010", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037010"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.brocade.com/en/backend-content/pdf-page.html?/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-168.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@brocade.com", "ID": "CVE-2016-8203", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Brocade MLX running on NetIron OS All Brocade MLX Line Cards running NetIron OS 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00 and 6.0.00a images", "version": {"version_data": [{"version_value": "Brocade MLX running on NetIron OS All Brocade MLX Line Cards running NetIron OS 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00 and 6.0.00a images"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXs 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00, and 6.0.00a images could allow attackers to cause a denial of service (line card reset) via certain constructed IPsec control packets."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Memory Corruption"}]}]}, "references": {"reference_data": [{"name": "94232", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94232"}, {"name": "1037010", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037010"}, {"name": "http://www.brocade.com/en/backend-content/pdf-page.html?/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-168.pdf", "refsource": "CONFIRM", "url": "http://www.brocade.com/en/backend-content/pdf-page.html?/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-168.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T02:13:21.822Z"}, "title": "CVE Program Container", "references": [{"name": "94232", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/94232"}, {"name": "1037010", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1037010"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.brocade.com/en/backend-content/pdf-page.html?/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-168.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "87b297d7-335e-4844-9551-11b97995a791", "assignerShortName": "brocade", "cveId": "CVE-2016-8203", "datePublished": "2016-10-31T21:00:00", "dateReserved": "2016-09-13T00:00:00", "dateUpdated": "2024-08-06T02:13:21.822Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:brocade:netiron_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F121CF6-4562-4ED0-9353-71432914FAF4", "versionEndIncluding": "5.8.00e", "vulnerable": true}, {"criteria": "cpe:2.3:o:brocade:netiron_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7ED12F6-D5B4-426A-A7CA-299CA9891FE7", "versionEndIncluding": "5.9.00bd", "vulnerable": true}, {"criteria": "cpe:2.3:o:brocade:netiron_os:6.0.00:*:*:*:*:*:*:*", "matchCriteriaId": "4030CAB0-B1F5-4656-AFBF-36877F64D504", "vulnerable": true}, {"criteria": "cpe:2.3:o:brocade:netiron_os:6.0.00a:*:*:*:*:*:*:*", "matchCriteriaId": "BDE6B33B-C0A4-4499-B37B-5463A3926852", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A memory corruption in the IPsec code path of Brocade NetIron OS on Brocade MLXs 5.8.00 through 5.8.00e, 5.9.00 through 5.9.00bd, 6.0.00, and 6.0.00a images could allow attackers to cause a denial of service (line card reset) via certain constructed IPsec control packets."}, {"lang": "es", "value": "Una corrupci\u00f3n de memoria en la ruta de c\u00f3digo IPsec de Brocade NetIron OS en Brocade MLXs 5.8.00 hasta la versi\u00f3n 5.8.00e, 5.9.00 hasta la versi\u00f3n 5.9.00bd, 6.0.00 y 6.0.00a im\u00e1genes podr\u00edan permitir a los atacantes provocar una denegaci\u00f3n de servicio (reinicio de tarjeta en l\u00ednea) a trav\u00e9s de ciertos paquetes de control IPsec construidos."}], "id": "CVE-2016-8203", "lastModified": "2024-11-21T02:58:59.087", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-10-31T21:59:00.207", "references": [{"source": "sirt@brocade.com", "tags": ["Vendor Advisory"], "url": "http://www.brocade.com/en/backend-content/pdf-page.html?/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-168.pdf"}, {"source": "sirt@brocade.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94232"}, {"source": "sirt@brocade.com", "url": "http://www.securitytracker.com/id/1037010"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.brocade.com/en/backend-content/pdf-page.html?/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-168.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94232"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1037010"}], "sourceIdentifier": "sirt@brocade.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}