Vulnerability Details : CVE-2016-9211
A vulnerability in TCP port management in Cisco ONS 15454 Series Multiservice Provisioning Platforms could allow an unauthenticated, remote attacker to cause the controller card to unexpectedly reload. More Information: CSCuw26032. Known Affected Releases: 10.51.
Vulnerability category: Input validation
Products affected by CVE-2016-9211
- cpe:2.3:a:cisco:ons_15454_sdh_multiservice_platform_software:10.51.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-9211
0.30%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 69 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-9211
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2016-9211
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-9211
-
http://www.securitytracker.com/id/1037425
Cisco ONS 15454 Lets Remote Users Cause the Target Controller Card to Reset - SecurityTrackerThird Party Advisory;VDB Entry
-
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-cons
Cisco ONS 15454 Series Multiservice Provisioning Platforms TCP Port Management Denial of Service VulnerabilityMitigation;Vendor Advisory
-
http://www.securityfocus.com/bid/94795
Cisco ONS 15454 Series Multiservice Provisioning Platforms Denial of Service VulnerabilityThird Party Advisory;VDB Entry
Jump to