ID
VAR-201603-0296
CVE
CVE-2016-1347
TITLE
Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability
Trust: 1.2
sources:
CNVD: CNVD-2016-01886 //
CNNVD: CNNVD-201603-360
DESCRIPTION
The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment, aka Bug ID CSCuq59708. Cisco IOS is an operating system developed by Cisco Systems for its network devices. CiscoWideAreaApplicationServicesExpress is a product of CiscoWAAS based on IOS and integrated into the router to provide application acceleration and reduce WAN bandwidth costs. Cisco IOS Software is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to reload the affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuq59708
Trust: 2.52
sources:
NVD: CVE-2016-1347 //
JVNDB: JVNDB-2016-001905 //
CNVD: CNVD-2016-01886 //
BID: 85306 //
VULHUB: VHN-90166
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2016-01886
AFFECTED PRODUCTS
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1\(4\)xb8a | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.3\(3\)jaa1 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.3\(3\)m6 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1\(4\)m6 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.2\(4\)jaz1 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1\(4\)xb8 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(2\)t | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(2\)t4 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1\(4\)xb6 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.5\(2\)t3 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1\(4\)xb4 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.2\(4\)m7 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(1\)t1 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(2\)t1 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.3\(1\)t2 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1\(4\)gc2 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.5\(2\)t2 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1\(4\)xb7 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(3\)m2 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.5\(2\)t1 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.5\(3\)m | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.3\(3\)m4 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.3\(3\)m3 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(3\)m1 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.3\(3\)m | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(3\)m | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(1\)t | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1\(4\)xb5a | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(2\)t2 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(3\)m3 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(1\)t2 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\(2\)t3 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1\(4\)xb5 | Trust: 1.0 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1 to 15.5 | Trust: 0.8 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1-15.5 | Trust: 0.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.3\\\(2\\\)t4 | Trust: 0.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.3\\\(1\\\)t4 | Trust: 0.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.3\\\(3\\\)m2 | Trust: 0.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1\\\(2\\\)gc2 | Trust: 0.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1\\\(4\\\)m9 | Trust: 0.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.3\\\(3\\\)m1 | Trust: 0.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.4\\\(2\\\)t | Trust: 0.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.2\\\(2\\\)jn1 | Trust: 0.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.2\\\(2\\\)jb3 | Trust: 0.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.2\\\(4\\\)ja1 | Trust: 0.6 |
| vendor: | cisco | model: | wide area application services | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 0 | Trust: 0.3 |
sources:
CNVD: CNVD-2016-01886 //
BID: 85306 //
JVNDB: JVNDB-2016-001905 //
CNNVD: CNNVD-201603-360 //
NVD: CVE-2016-1347
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2016-01886 //
VULHUB: VHN-90166 //
JVNDB: JVNDB-2016-001905 //
CNNVD: CNNVD-201603-360 //
NVD: CVE-2016-1347
PROBLEMTYPE DATA
| problemtype: | CWE-399 | Trust: 1.9 |
sources:
VULHUB: VHN-90166 //
JVNDB: JVNDB-2016-001905 //
NVD: CVE-2016-1347
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201603-360
TYPE
resource management error
Trust: 0.6
sources:
CNNVD: CNNVD-201603-360
CONFIGURATIONS
sources:
JVNDB: JVNDB-2016-001905
PATCH
| title: | cisco-sa-20160323-l4f | url: | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-l4f | Trust: 0.8 |
| title: | cisco-sa-20160323-l4f | url: | http://www.cisco.com/cisco/web/support/JP/113/1136/1136609_cisco-sa-20160323-l4f-j.html | Trust: 0.8 |
| title: | Cisco IOS SoftwareWideAreaApplicationServicesExpress denial of service vulnerability patch | url: | https://www.cnvd.org.cn/patchInfo/show/73322 | Trust: 0.6 |
| title: | Cisco IOS Software Wide Area Application Services Express Remediation measures for denial of service vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60685 | Trust: 0.6 |
sources:
CNVD: CNVD-2016-01886 //
JVNDB: JVNDB-2016-001905 //
CNNVD: CNNVD-201603-360
EXTERNAL IDS
| db: | NVD | id: | CVE-2016-1347 | Trust: 3.4 |
| db: | SECTRACK | id: | 1035380 | Trust: 1.7 |
| db: | JVNDB | id: | JVNDB-2016-001905 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201603-360 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2016-01886 | Trust: 0.6 |
| db: | BID | id: | 85306 | Trust: 0.4 |
| db: | VULHUB | id: | VHN-90166 | Trust: 0.1 |
sources:
CNVD: CNVD-2016-01886 //
VULHUB: VHN-90166 //
BID: 85306 //
JVNDB: JVNDB-2016-001905 //
CNNVD: CNNVD-201603-360 //
NVD: CVE-2016-1347
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160323-l4f | Trust: 2.6 |
| url: | http://www.securitytracker.com/id/1035380 | Trust: 1.7 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1347 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1347 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
| url: | http://www.cisco.com/c/en/us/products/routers/wide-area-application-services/index.html | Trust: 0.3 |
sources:
CNVD: CNVD-2016-01886 //
VULHUB: VHN-90166 //
BID: 85306 //
JVNDB: JVNDB-2016-001905 //
CNNVD: CNNVD-201603-360 //
NVD: CVE-2016-1347
CREDITS
Cisco
Trust: 0.3
sources:
BID: 85306
SOURCES
| db: | CNVD | id: | CNVD-2016-01886 |
| db: | VULHUB | id: | VHN-90166 |
| db: | BID | id: | 85306 |
| db: | JVNDB | id: | JVNDB-2016-001905 |
| db: | CNNVD | id: | CNNVD-201603-360 |
| db: | NVD | id: | CVE-2016-1347 |
LAST UPDATE DATE
2025-04-13T23:09:38.557000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2016-01886 | date: | 2016-03-28T00:00:00 |
| db: | VULHUB | id: | VHN-90166 | date: | 2016-12-03T00:00:00 |
| db: | BID | id: | 85306 | date: | 2016-03-23T00:00:00 |
| db: | JVNDB | id: | JVNDB-2016-001905 | date: | 2016-03-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-201603-360 | date: | 2022-07-29T00:00:00 |
| db: | NVD | id: | CVE-2016-1347 | date: | 2025-04-12T10:46:40.837 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2016-01886 | date: | 2016-03-28T00:00:00 |
| db: | VULHUB | id: | VHN-90166 | date: | 2016-03-24T00:00:00 |
| db: | BID | id: | 85306 | date: | 2016-03-23T00:00:00 |
| db: | JVNDB | id: | JVNDB-2016-001905 | date: | 2016-03-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-201603-360 | date: | 2016-03-24T00:00:00 |
| db: | NVD | id: | CVE-2016-1347 | date: | 2016-03-24T22:59:00.077 |