CVE-2016-6438
Published Oct 27, 2016
Last updated 7 years ago
Overview
- Description
- A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line configuration on an affected device. This vulnerability affects the following releases of Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers: All 3.16S releases, All 3.17S releases, Release 3.18.0S, Release 3.18.1S, Release 3.18.0SP. More Information: CSCuz62815. Known Affected Releases: 15.5(3)S2.9, 15.6(2)SP. Known Fixed Releases: 15.6(1.7)SP1, 16.4(0.183), 16.5(0.1).
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 5.9
- Impact score
- 3.6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5568EABF-8F43-4A87-8DE4-A03E9065BE53"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0E5BB91-B5E7-4961-87DC-26596E5EDED7"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AC72AA6D-9E18-49F7-95CA-A4A5D7A60E4E"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.1s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3822447-EB80-4DF2-B7F2-471F55BA99C0"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2as:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA0B441A-3A09-4A58-8A40-D463003A50BC"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2bs:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51E1A64A-204D-4567-A2DC-EFEB2AE62B54"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "970FD986-6D0E-441C-9BF3-C66A25763A7A"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.3as:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7EEFD3AD-EFA2-4808-801E-B98E4C63AA76"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.3s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1826C997-6D5D-480E-A12E-3048B6C61216"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9FBEF4B2-EA12-445A-823E-E0E5343A405E"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12793F39-13C4-4DBC-9B78-FE361BDDF89D"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.1as:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1AEF94C7-CEE6-4696-9F1D-549639A831C2"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "876767C7-0196-4226-92B1-DDE851B53655"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.17.2s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0141D67B-632F-48ED-8837-4CC799616C57"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.0s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE81AA43-88D4-4EFC-B8F6-A41EFF437819"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.0sp:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C18E6308-7A34-43E3-9AD8-5FB52B31ACB6"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BEBCBF7-D1CF-488F-BB3E-F864F901A96A"
}
],
"operator": "OR"
}
]
}
]