CVE-2016-6399

Published Sep 12, 2016
Last updated 8 years ago
CVSS high 7.5
Overview

Description: Cisco ACE30 Application Control Engine Module through A5 3.3 and ACE 4700 Application Control Engine appliances through A5 3.3 allow remote attackers to cause a denial of service (device reload) via crafted (1) SSL or (2) TLS packets, aka Bug ID CSCvb16317.
Source: ykramarz@cisco.com
NVD status: Modified
Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C
Weaknesses

nvd@nist.gov: CWE-20
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a1:7a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36B95E42-77DA-4AFB-A159-7809CD95D24B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a1:7b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "968D39EB-5481-4698-B3A9-C2E90BFD88FB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a1:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DE5326B-B86B-434B-B86A-8703CD1CA872"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a1:8.0a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0625AAB8-ADA5-4495-8A01-87DAE0C573B5"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3583B054-0D5D-41AD-8508-0E5D87491045"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F7170B3-B3DA-4667-8ADE-09EA0D17C37F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9DE45DC-11D4-429C-890F-F9E117930AF7"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "680510A7-CF93-4C86-A556-F0C9511AF3B5"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C10C1C9-356A-4D47-BB4B-58AD940199E7"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "521441F7-8388-4F58-A262-6B8057209FDB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09CB323B-7913-4B2F-AE69-95D34ED6A83F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a3:2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7722C303-3AE4-4078-947B-7A648FC5477E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a4:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0786FAF6-44D0-4F2E-952E-2CE4CEE30A26"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a4:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAB9C402-2A7B-4701-A260-46C6D0E63050"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a4:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F40CA11-A160-4307-9305-28DA4938945B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a4:2.1a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "430CA0DA-0402-4FFB-9170-7F08DE70C36C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a4:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17BEDD60-ACF6-441E-85B0-8E93C6F5CE41"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a4:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BF39113-6665-484B-AA2E-2FB49BCDEC51"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07AABE9B-4A09-477F-A139-7CB40C14AA55"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0FF5BA5-AC61-4244-A7C2-F9811AD13C9C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F571AD7F-14B9-498C-8F06-D1DF61B6EF35"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56B2425F-7EFA-4599-8A7E-2B0454A58077"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8A6203D-DF5E-46B9-BFCD-D41FC729193F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:2.1e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDB594F8-3673-42E8-8E8B-996DEA75E815"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEFB0D00-A082-4930-9D6D-CFB1CDB632EA"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:3.1a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E975AAC-A44A-4042-80F5-959989B785AC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:3.1b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46FEAE36-71F8-40C9-954C-42B57CC1BE8B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAB49D71-F1FD-43E3-A245-50E4A2F62606"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ace_application_control_engine_module_a5:3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "428DCAD9-B5AD-45DC-91D7-27535F286957"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(1.0\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2091508E-84D9-496B-B4E1-9BAC927F982A"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(1.1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AB7E381-E849-42F6-8201-E32D1747E06E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(1.2\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F266A5E5-9455-4EC5-BBF2-AAA2CA2A60AB"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(2.0\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A23695F0-B2FE-46F1-9328-56B1EF00A112"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(2.1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4239B16-7380-48E4-992D-479351DF1AC9"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(2.1e\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E476F81E-7F90-442A-8FF1-45FCFCF096C4"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5\\(3.0\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6351F63A-D5B2-4EE3-AC7D-3CDA0A217E5E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance:a5_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CE7CF67-7B2F-40A1-8F52-639483094568"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a1:7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED884ACC-89C8-461D-A238-36316F507441"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a1:7a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8EE014E6-0224-402B-AFF0-7B7FA67382A7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a1:7b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C8FF44C-CC30-43F7-832E-C88390482CA8"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a1:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F7DF627-2A9D-42CD-9929-26A32E687F00"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a1:8.0a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA7B42BF-80B8-40AB-BAF9-9E73216F8524"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE68EF35-7CD7-49A3-A143-4C47012C012D"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABAB9218-3909-4B08-92EC-8431FC5C8D76"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4F2BEAC-D53A-4630-8530-ED24ACC820A4"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "659F4ACE-9564-45AC-B85D-D0625853FFA7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2539AF6-E914-4279-A54D-2E7652AFD7D0"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2917FB57-2BBF-4A77-AEE7-C6D660D44A20"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1863CF65-736C-44BD-80A2-B9DE33A4797A"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a3:2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2ABB8883-0476-4E83-9F75-40ABFF806786"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a4:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F8264DF-8037-4A4C-8C08-E332E9649347"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a4:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B4DC4A0-44E9-41C1-99A7-82499AC8577B"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a4:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38482D95-999B-4A40-A37A-71150E48ED50"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a4:2.1a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90762C72-8DA2-446C-B3A8-DC9DCB33DD06"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a4:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD6BAEB1-8271-475F-ADD0-D3EDF0773DF4"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a4:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CDF5356-429E-4CD5-8031-5E52CF3FF118"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a5:3.1a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39AB46CA-9775-4EC8-8419-13B0224251BE"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a5:3.1b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E50A418B-1AC6-40BA-B80B-29313C95F030"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a5:3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C673B2B9-2A26-47C2-B553-2AE8A41916AC"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ace_4700_series_application_control_engine_appliance_a5:3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AD80BBE-813F-4B2E-B05D-3A96686FA8D4"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
