CVE-2016-1397

Published Jun 19, 2016

Last updated 7 years ago

CVSS medium 6.5

Overview

Description: Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote authenticated users to cause a denial of service (device reload) via crafted configuration commands in an HTTP request, aka Bug ID CSCux82523.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:rv215w_wireless-n_vpn_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BE146ECF-BE5C-4CA1-A325-C3402F540FBB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25E45E45-4533-4E9E-B542-606B9EAB3D69"
          },
          {
            "criteria": "cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.1.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58A90A10-CC3F-4743-8FAA-0C8CDCFC1BBD"
          },
          {
            "criteria": "cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.2.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89375F30-1ACD-46AF-898F-176546BFF078"
          },
          {
            "criteria": "cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.2.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A9FB3B1-1669-4B07-849C-7DAF013234F2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.3.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "939B5242-6224-4BA7-88CA-467D5350987A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:rv110w_wireless-n_vpn_firewall:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CA92B2A4-A9D9-4BF5-A687-848917283E8C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:rv110w_wireless-n_vpn_firewall_firmware:1.1.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "482ABE1F-7DEF-4E24-9696-8030DAD98598"
          },
          {
            "criteria": "cpe:2.3:o:cisco:rv110w_wireless-n_vpn_firewall_firmware:1.2.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4C8D001-6827-4DB4-AC6D-83365FD622A4"
          },
          {
            "criteria": "cpe:2.3:o:cisco:rv110w_wireless-n_vpn_firewall_firmware:1.2.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF38D8F0-2400-431A-8BFA-48E5D9CB7E33"
          },
          {
            "criteria": "cpe:2.3:o:cisco:rv110w_wireless-n_vpn_firewall_firmware:1.2.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D0624E0-993B-43AE-9D61-4DCA3E39ADAB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:rv130w_wireless-n_multifunction_vpn_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BD30B0C7-E04A-4B05-82D1-9DA487F8639D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:rv130w_wireless-n_multifunction_vpn_router_firmware:1.0.0.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0081BB31-AA51-4E6F-BDC0-62F4E4388F5B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:rv130w_wireless-n_multifunction_vpn_router_firmware:1.0.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9638155-20F1-469E-B13C-2334713B8CAD"
          },
          {
            "criteria": "cpe:2.3:o:cisco:rv130w_wireless-n_multifunction_vpn_router_firmware:1.0.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BAB434B-FADE-40F4-9478-1DC063FE0F2C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References