CVE-2016-6378 : Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote attackers to cause a denial of service (device reload)

Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote attackers to cause a denial of service (device reload) via crafted ICMP packets that require NAT, aka Bug ID CSCuw85853.

Published 2016-10-05 20:59:02

Updated 2017-07-30 01:29:10

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2016-6378

Probability of exploitation activity in the next 30 days: 0.56%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 75 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2016-6378

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C	10.0	6.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete
7.5	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2016-6378

CWE-399

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-6378

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-esp-nat

Cisco IOS XE Software NAT Denial of Service Vulnerability
Vendor Advisory
http://www.securitytracker.com/id/1036914

Cisco IOS/IOS XE Multiple Flaws Let Remote Users Cause the Target System to Reload - SecurityTracker

CVEs referencing this url
http://www.securityfocus.com/bid/93200

Cisco IOS XE Software CVE-2016-6378 Denial of Service Vulnerability

Products affected by CVE-2016-6378

Cisco » Ios Xe » Version: 3.1.3s
cpe:2.3:o:cisco:ios_xe:3.1.3s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.1.4s
cpe:2.3:o:cisco:ios_xe:3.1.4s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.2.1s
cpe:2.3:o:cisco:ios_xe:3.2.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.2.2s
cpe:2.3:o:cisco:ios_xe:3.2.2s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.3.0s
cpe:2.3:o:cisco:ios_xe:3.3.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.4.1s
cpe:2.3:o:cisco:ios_xe:3.4.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.3.1s
cpe:2.3:o:cisco:ios_xe:3.3.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.3.2s
cpe:2.3:o:cisco:ios_xe:3.3.2s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.5.0s
cpe:2.3:o:cisco:ios_xe:3.5.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.4.0s
cpe:2.3:o:cisco:ios_xe:3.4.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.5.1s
cpe:2.3:o:cisco:ios_xe:3.5.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.4.2s
cpe:2.3:o:cisco:ios_xe:3.4.2s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.5.2s
cpe:2.3:o:cisco:ios_xe:3.5.2s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.4.3s
cpe:2.3:o:cisco:ios_xe:3.4.3s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.7.1s
cpe:2.3:o:cisco:ios_xe:3.7.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.7.2s
cpe:2.3:o:cisco:ios_xe:3.7.2s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.6.0s
cpe:2.3:o:cisco:ios_xe:3.6.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.6.1s
cpe:2.3:o:cisco:ios_xe:3.6.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.6.2s
cpe:2.3:o:cisco:ios_xe:3.6.2s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.7.0s
cpe:2.3:o:cisco:ios_xe:3.7.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.4.5s
cpe:2.3:o:cisco:ios_xe:3.4.5s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.9.0s
cpe:2.3:o:cisco:ios_xe:3.9.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.4.4s
cpe:2.3:o:cisco:ios_xe:3.4.4s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.8.0s
cpe:2.3:o:cisco:ios_xe:3.8.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.9.1s
cpe:2.3:o:cisco:ios_xe:3.9.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.10.1s
cpe:2.3:o:cisco:ios_xe:3.10.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.10.0s
cpe:2.3:o:cisco:ios_xe:3.10.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.10.2s
cpe:2.3:o:cisco:ios_xe:3.10.2s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.11.0s
cpe:2.3:o:cisco:ios_xe:3.11.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.11.1s
cpe:2.3:o:cisco:ios_xe:3.11.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.11.2s
cpe:2.3:o:cisco:ios_xe:3.11.2s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.9.0as
cpe:2.3:o:cisco:ios_xe:3.9.0as:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.9.2s
cpe:2.3:o:cisco:ios_xe:3.9.2s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.9.1as
cpe:2.3:o:cisco:ios_xe:3.9.1as:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.8.2s
cpe:2.3:o:cisco:ios_xe:3.8.2s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.8.1s
cpe:2.3:o:cisco:ios_xe:3.8.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.7.2ts
cpe:2.3:o:cisco:ios_xe:3.7.2ts:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.13.0as
cpe:2.3:o:cisco:ios_xe:3.13.0as:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.17.0s
cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.10.2ts
cpe:2.3:o:cisco:ios_xe:3.10.2ts:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.15.1s
cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.13.3s
cpe:2.3:o:cisco:ios_xe:3.13.3s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.14.2s
cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.11.4s
cpe:2.3:o:cisco:ios_xe:3.11.4s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.12.3s
cpe:2.3:o:cisco:ios_xe:3.12.3s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.13.2s
cpe:2.3:o:cisco:ios_xe:3.13.2s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.12.0s
cpe:2.3:o:cisco:ios_xe:3.12.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.10.6s
cpe:2.3:o:cisco:ios_xe:3.10.6s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.7.7s
cpe:2.3:o:cisco:ios_xe:3.7.7s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.13.1s
cpe:2.3:o:cisco:ios_xe:3.13.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.7.6s
cpe:2.3:o:cisco:ios_xe:3.7.6s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.7.5s
cpe:2.3:o:cisco:ios_xe:3.7.5s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.7.4s
cpe:2.3:o:cisco:ios_xe:3.7.4s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.15.1cs
cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.13.2as
cpe:2.3:o:cisco:ios_xe:3.13.2as:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.12.4s
cpe:2.3:o:cisco:ios_xe:3.12.4s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.12.0as
cpe:2.3:o:cisco:ios_xe:3.12.0as:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.16.0s
cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.14.3s
cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.15.0s
cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.14.0s
cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.11.3s
cpe:2.3:o:cisco:ios_xe:3.11.3s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.10.5s
cpe:2.3:o:cisco:ios_xe:3.10.5s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.13.0s
cpe:2.3:o:cisco:ios_xe:3.13.0s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.7.0bs
cpe:2.3:o:cisco:ios_xe:3.7.0bs:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.7.4as
cpe:2.3:o:cisco:ios_xe:3.7.4as:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.16.0cs
cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.15.3s
cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.16.1as
cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.13.4s
cpe:2.3:o:cisco:ios_xe:3.13.4s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.16.1s
cpe:2.3:o:cisco:ios_xe:3.16.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.15.2s
cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.14.1s
cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.12.2s
cpe:2.3:o:cisco:ios_xe:3.12.2s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.12.1s
cpe:2.3:o:cisco:ios_xe:3.12.1s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.10.4s
cpe:2.3:o:cisco:ios_xe:3.10.4s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.10.3s
cpe:2.3:o:cisco:ios_xe:3.10.3s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.7.3s
cpe:2.3:o:cisco:ios_xe:3.7.3s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.4.6s
cpe:2.3:o:cisco:ios_xe:3.4.6s:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 3.1.4as
cpe:2.3:o:cisco:ios_xe:3.1.4as:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 16.1.3
cpe:2.3:o:cisco:ios_xe:16.1.3:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 16.2.1
cpe:2.3:o:cisco:ios_xe:16.2.1:*:*:*:*:*:*:*
Matching versions
Cisco » Ios Xe » Version: 16.1.4
cpe:2.3:o:cisco:ios_xe:16.1.4:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2016-6378

Exploit prediction scoring system (EPSS) score for CVE-2016-6378

CVSS scores for CVE-2016-6378

CWE ids for CVE-2016-6378

References for CVE-2016-6378

Products affected by CVE-2016-6378