CVE-2016-1361 - Vulnerability Details

Vendors	Products
Cisco	Ios Xr Xr 12404 Xr 12406 Xr 12410 Xr 12416

Link	Providers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr
http://www.securitytracker.com/id/1035314

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-03-11T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-01T15:57:02", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1035314", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1035314"}, {"name": "20160311 Cisco Gigabit Switch Router 12000 Series Routers Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2016-1361", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1035314", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035314"}, {"name": "20160311 Cisco Gigabit Switch Router 12000 Series Routers Denial of Service Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:55:14.080Z"}, "title": "CVE Program Container", "references": [{"name": "1035314", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1035314"}, {"name": "20160311 Cisco Gigabit Switch Router 12000 Series Routers Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2016-1361", "datePublished": "2016-03-12T02:00:00", "dateReserved": "2016-01-04T00:00:00", "dateUpdated": "2024-08-05T22:55:14.080Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2016-03-11T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2016-12-01T15:57:02 (string)

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

}

references : [ »

0 : { »

name : 1035314 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id/1035314 (string)

}

1 : { »

name : 20160311 Cisco Gigabit Switch Router 12000 Series Routers Denial of Service Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@cisco.com (string)

ID : CVE-2016-1361 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 1035314 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id/1035314 (string)

}

1 : { »

name : 20160311 Cisco Gigabit Switch Router 12000 Series Routers Denial of Service Vulnerability (string)

refsource : CISCO (string)

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T22:55:14.080Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 1035314 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id/1035314 (string)

}

1 : { »

name : 20160311 Cisco Gigabit Switch Router 12000 Series Routers Denial of Service Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

2 : x_transferred (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

assignerShortName : cisco (string)

cveId : CVE-2016-1361 (string)

datePublished : 2016-03-12T02:00:00 (string)

dateReserved : 2016-01-04T00:00:00 (string)

dateUpdated : 2024-08-05T22:55:14.080Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xr:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "8E1811B6-737F-407C-8AB0-63E6B031D5AD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "81797938-F953-42BE-B287-AA48B9860AF6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "92AED038-C73F-4499-B064-F01D80DB0C64", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "CB7A249B-AF69-47D0-B6DE-968B4CD0BA42", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "C5F15240-6323-4766-801A-D887F3EA8A6B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D99DC1CF-78DC-4E59-98BA-DD84702D6467", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "0B9FA754-E3D2-4D80-8F4B-41139973D9FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F497A05C-2FC5-427D-8036-2476ACA956C0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2252E7B0-9112-4E9E-8CF4-4EC53C630CFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1131A524-AA7A-4C94-9FFE-54546EA7D2CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "46D1A634-D39C-4305-8915-4AA289FB68EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "21BAB799-3150-46D8-AEA3-9FCC73203221", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "99042285-94AC-4C57-8EAA-EE63C678A94A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "96F48419-AF66-4B50-ACBF-9E38287A64FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "EBB71A24-AA6C-4BAD-BD37-5C191751C9DF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A20B6A9-27B7-4F42-B88D-F4AACC9BC24D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "9B9A223A-7A0A-4E31-B8A1-C809373A799D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "1ECAB9C3-9248-4663-ABAE-31FFC969EF3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "10596213-9D2B-48A3-A733-744D41E90419", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:3.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A07DCCD1-85D5-4ED2-B845-8C6EAC7E9D9B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F57421B-F54C-4C50-8B25-AF787E541C5A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3A865225-6AEA-430D-8DB6-E70F7ED5E547", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "39F8B336-0DFA-41CE-9EFF-89A09BBDC6D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5BFD77AF-358B-4385-BA8E-1BE9AC166825", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "8E593EF3-133A-4E15-9B86-6B451F5C0159", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "3BB49EB2-2D99-4C45-80B7-48299A1EBF30", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB6ABB63-E2D2-42F7-B648-BF6002D1C05E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "58FEC4F2-040A-4D23-8FE0-BC55020766BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "82520CBD-F42F-4E2D-9D36-878737779690", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "4DB87708-B088-47F7-BABA-2CD456766897", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "AFC1194B-56AC-4850-88B0-5EDFF92FABFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "074571B4-65EF-451A-89DC-0797F6E4BFEA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D909532E-85F5-4201-8BFF-561A21998D97", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios_xr:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "73D962D3-563F-4CDE-B51D-224D7995FBC9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:xr_12404:*:*:*:*:*:*:*:*", "matchCriteriaId": "54D5CEDE-699C-496E-95CF-BEF9BCF55981", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:xr_12406:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C32030A-3F87-4F01-AA86-493C8F93F777", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:xr_12410:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5CEC5B1-0595-4163-A458-D4FF29F4E117", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:xr_12416:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAD5FA50-0753-43EA-8D07-8F5D719E394D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900."}, {"lang": "es", "value": "Cisco IOS XR hasta la versi\u00f3n 4.3.2 en dispositivos Gigabit Switch Router (GSR) 12000 no verifica adecuadamente para una cabecera Bidirectional Forwarding Detection (BFD) en un paquete UDP, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de tarjeta en l\u00ednea) a trav\u00e9s de un paquete manipulado, tambi\u00e9n conocida como Bug ID CSCuw56900."}], "id": "CVE-2016-1361", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.2, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-03-12T02:59:04.910", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id/1035314"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1035314"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.3.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 8E1811B6-737F-407C-8AB0-63E6B031D5AD (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.4.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 81797938-F953-42BE-B287-AA48B9860AF6 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.4.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 92AED038-C73F-4499-B064-F01D80DB0C64 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.4.3:*:*:*:*:*:*:* (string)

matchCriteriaId : CB7A249B-AF69-47D0-B6DE-968B4CD0BA42 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.5.2:*:*:*:*:*:*:* (string)

matchCriteriaId : C5F15240-6323-4766-801A-D887F3EA8A6B (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.5.3:*:*:*:*:*:*:* (string)

matchCriteriaId : D99DC1CF-78DC-4E59-98BA-DD84702D6467 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.5.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 0B9FA754-E3D2-4D80-8F4B-41139973D9FC (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.6.0:*:*:*:*:*:*:* (string)

matchCriteriaId : F497A05C-2FC5-427D-8036-2476ACA956C0 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.6.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 2252E7B0-9112-4E9E-8CF4-4EC53C630CFD (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.6.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 1131A524-AA7A-4C94-9FFE-54546EA7D2CC (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.6.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 46D1A634-D39C-4305-8915-4AA289FB68EE (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.7.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 21BAB799-3150-46D8-AEA3-9FCC73203221 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.7.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 99042285-94AC-4C57-8EAA-EE63C678A94A (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.8.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 96F48419-AF66-4B50-ACBF-9E38287A64FA (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.8.1:*:*:*:*:*:*:* (string)

matchCriteriaId : EBB71A24-AA6C-4BAD-BD37-5C191751C9DF (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.8.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 3A20B6A9-27B7-4F42-B88D-F4AACC9BC24D (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.8.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 9B9A223A-7A0A-4E31-B8A1-C809373A799D (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.9.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 1ECAB9C3-9248-4663-ABAE-31FFC969EF3A (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.9.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 10596213-9D2B-48A3-A733-744D41E90419 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:o:cisco:ios_xr:3.9.2:*:*:*:*:*:*:* (string)

matchCriteriaId : A07DCCD1-85D5-4ED2-B845-8C6EAC7E9D9B (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:o:cisco:ios_xr:4.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 7F57421B-F54C-4C50-8B25-AF787E541C5A (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:o:cisco:ios_xr:4.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 3A865225-6AEA-430D-8DB6-E70F7ED5E547 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:o:cisco:ios_xr:4.0.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 39F8B336-0DFA-41CE-9EFF-89A09BBDC6D6 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:o:cisco:ios_xr:4.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 5BFD77AF-358B-4385-BA8E-1BE9AC166825 (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:o:cisco:ios_xr:4.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 8E593EF3-133A-4E15-9B86-6B451F5C0159 (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:o:cisco:ios_xr:4.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 3BB49EB2-2D99-4C45-80B7-48299A1EBF30 (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:* (string)

matchCriteriaId : FB6ABB63-E2D2-42F7-B648-BF6002D1C05E (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:o:cisco:ios_xr:4.2.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 58FEC4F2-040A-4D23-8FE0-BC55020766BB (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:o:cisco:ios_xr:4.2.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 82520CBD-F42F-4E2D-9D36-878737779690 (string)

vulnerable : true (boolean)

}

29 : { »

criteria : cpe:2.3:o:cisco:ios_xr:4.2.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 4DB87708-B088-47F7-BABA-2CD456766897 (string)

vulnerable : true (boolean)

}

30 : { »

criteria : cpe:2.3:o:cisco:ios_xr:4.2.4:*:*:*:*:*:*:* (string)

matchCriteriaId : AFC1194B-56AC-4850-88B0-5EDFF92FABFC (string)

vulnerable : true (boolean)

}

31 : { »

criteria : cpe:2.3:o:cisco:ios_xr:4.3.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 074571B4-65EF-451A-89DC-0797F6E4BFEA (string)

vulnerable : true (boolean)

}

32 : { »

criteria : cpe:2.3:o:cisco:ios_xr:4.3.1:*:*:*:*:*:*:* (string)

matchCriteriaId : D909532E-85F5-4201-8BFF-561A21998D97 (string)

vulnerable : true (boolean)

}

33 : { »

criteria : cpe:2.3:o:cisco:ios_xr:4.3.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 73D962D3-563F-4CDE-B51D-224D7995FBC9 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:cisco:xr_12404:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 54D5CEDE-699C-496E-95CF-BEF9BCF55981 (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:cisco:xr_12406:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 4C32030A-3F87-4F01-AA86-493C8F93F777 (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:cisco:xr_12410:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F5CEC5B1-0595-4163-A458-D4FF29F4E117 (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:h:cisco:xr_12416:*:*:*:*:*:*:*:* (string)

matchCriteriaId : DAD5FA50-0753-43EA-8D07-8F5D719E394D (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900. (string)

}

1 : { »

lang : es (string)

value : Cisco IOS XR hasta la versión 4.3.2 en dispositivos Gigabit Switch Router (GSR) 12000 no verifica adecuadamente para una cabecera Bidirectional Forwarding Detection (BFD) en un paquete UDP, lo que permite a atacantes remotos provocar una denegación de servicio (reinicio de tarjeta en línea) a través de un paquete manipulado, también conocida como Bug ID CSCuw56900. (string)

}

]

id : CVE-2016-1361 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : HIGH (string)

accessVector : ADJACENT_NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 4.6 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:A/AC:H/Au:N/C:N/I:N/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 3.2 (number)

impactScore : 6.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : ADJACENT_NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 5.3 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 1.6 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2016-03-12T02:59:04.910 (string)

references : [ »

0 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr (string)

}

1 : { »

source : psirt@cisco.com (string)

url : http://www.securitytracker.com/id/1035314 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160311-gsr (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securitytracker.com/id/1035314 (string)

}

]

sourceIdentifier : psirt@cisco.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-399 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object