Details of VAR-201607-0543

ID

VAR-201607-0543

CVE

CVE-2016-1398

TITLE

plural Cisco Wireless-N VPN Device firmware buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-003417

DESCRIPTION

Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware through 1.2.1.4, RV130W devices with firmware through 1.0.2.7, and RV215W devices with firmware through 1.3.0.7 allows remote authenticated users to cause a denial of service (device reload) via a crafted HTTP request, aka Bug ID CSCux86669. Cisco RV110W , RV130W and RV215W Wireless-N VPN The device firmware contains a buffer overflow vulnerability. The Cisco RV130WWireless-N is a versatile VPN router; the Cisco RV110W/RV215W is a router that combines wired/wireless network connectivity, VPN, and firewall. Multiple Cisco Products are prone to a denial-of-service vulnerability. Attackers can exploit this issue to reload the affected device, denying service to legitimate users. This issue is being tracked by Cisco bug IDs CSCux86664, CSCux86669 and CSCux86675

Trust: 2.52

sources: NVD: CVE-2016-1398 // JVNDB: JVNDB-2016-003417 // CNVD: CNVD-2016-04097 // BID: 91218 // VULHUB: VHN-90217

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-04097

AFFECTED PRODUCTS

vendor:	cisco	model:	rv130w	scope:	eq	version:	1.0.1.3	Trust: 1.6
vendor:	cisco	model:	rv215w	scope:	eq	version:	1.1.0.5	Trust: 1.6
vendor:	cisco	model:	rv215w	scope:	eq	version:	1.3.0.7	Trust: 1.6
vendor:	cisco	model:	rv110w	scope:	eq	version:	1.2.0.9	Trust: 1.6
vendor:	cisco	model:	rv215w	scope:	eq	version:	1.2.0.15	Trust: 1.6
vendor:	cisco	model:	rv215w	scope:	eq	version:	1.2.0.14	Trust: 1.6
vendor:	cisco	model:	rv110w	scope:	eq	version:	1.2.0.10	Trust: 1.6
vendor:	cisco	model:	rv110w	scope:	eq	version:	1.1.0.9	Trust: 1.6
vendor:	cisco	model:	rv130w	scope:	eq	version:	1.0.0.21	Trust: 1.6
vendor:	cisco	model:	rv110w	scope:	eq	version:	1.2.1.4	Trust: 1.6
vendor:	cisco	model:	rv130w	scope:	eq	version:	1.0.2.7	Trust: 1.0
vendor:	cisco	model:	rv215w	scope:	eq	version:	1.1.0.6	Trust: 1.0
vendor:	cisco	model:	rv110w wireless-n vpn firewall	scope:	lte	version:	1.2.1.4	Trust: 0.8
vendor:	cisco	model:	rv130w wireless-n multifunction vpn router	scope:	lte	version:	1.0.2.7	Trust: 0.8
vendor:	cisco	model:	rv215w wireless-n vpn router	scope:	lte	version:	1.3.0.7	Trust: 0.8
vendor:	cisco	model:	rv110w wireless-n vpn firewall	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	rv130w wireless-n multifunction vpn router	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	rv215w wireless-n vpn router	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2016-04097 // JVNDB: JVNDB-2016-003417 // NVD: CVE-2016-1398 // CNNVD: CNNVD-201606-365

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2016-1398
value:	MEDIUM
Trust: 1.8
CNVD:	CNVD-2016-04097
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201606-365
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-90217
value:	MEDIUM
Trust: 0.1

NVD:
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2016-1398
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2016-04097
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-90217
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

NVD:
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 1.0
NVD:	CVE-2016-1398
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2016-04097 // VULHUB: VHN-90217 // JVNDB: JVNDB-2016-003417 // NVD: CVE-2016-1398 // CNNVD: CNNVD-201606-365

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-90217 // JVNDB: JVNDB-2016-003417 // NVD: CVE-2016-1398

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201606-365

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201606-365

CONFIGURATIONS

sources: NVD: CVE-2016-1398

PATCH

title:

cisco-sa-20160615-rv3

url:

https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160615-rv3

Trust: 0.8

sources: JVNDB: JVNDB-2016-003417

EXTERNAL IDS

db:	NVD	id:	CVE-2016-1398	Trust: 3.4
db:	SECTRACK	id:	1036115	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-003417	Trust: 0.8
db:	CNVD	id:	CNVD-2016-04097	Trust: 0.6
db:	CNNVD	id:	CNNVD-201606-365	Trust: 0.6
db:	BID	id:	91218	Trust: 0.4
db:	VULHUB	id:	VHN-90217	Trust: 0.1

sources: CNVD: CNVD-2016-04097 // VULHUB: VHN-90217 // BID: 91218 // JVNDB: JVNDB-2016-003417 // NVD: CVE-2016-1398 // CNNVD: CNNVD-201606-365

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160615-rv3	Trust: 1.7
url:	http://www.securitytracker.com/id/1036115	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1398	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1398	Trust: 0.8
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160615-rv3/	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2016-04097 // VULHUB: VHN-90217 // BID: 91218 // JVNDB: JVNDB-2016-003417 // NVD: CVE-2016-1398 // CNNVD: CNNVD-201606-365

CREDITS

Cisco would like to thank security researcher Samuel Huntley for finding and reporting this vulnerability.

Trust: 0.6

sources: CNNVD: CNNVD-201606-365

SOURCES

db:	CNVD	id:	CNVD-2016-04097
db:	VULHUB	id:	VHN-90217
db:	BID	id:	91218
db:	JVNDB	id:	JVNDB-2016-003417
db:	NVD	id:	CVE-2016-1398
db:	CNNVD	id:	CNNVD-201606-365

LAST UPDATE DATE

2023-12-18T12:44:51.378000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-04097	date:	2016-06-17T00:00:00
db:	VULHUB	id:	VHN-90217	date:	2017-09-01T00:00:00
db:	BID	id:	91218	date:	2016-06-15T00:00:00
db:	JVNDB	id:	JVNDB-2016-003417	date:	2016-07-06T00:00:00
db:	NVD	id:	CVE-2016-1398	date:	2017-09-01T01:29:03.303
db:	CNNVD	id:	CNNVD-201606-365	date:	2016-07-04T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-04097	date:	2016-06-17T00:00:00
db:	VULHUB	id:	VHN-90217	date:	2016-07-03T00:00:00
db:	BID	id:	91218	date:	2016-06-15T00:00:00
db:	JVNDB	id:	JVNDB-2016-003417	date:	2016-07-06T00:00:00
db:	NVD	id:	CVE-2016-1398	date:	2016-07-03T21:59:07.680
db:	CNNVD	id:	CNNVD-201606-365	date:	2016-06-16T00:00:00