ID
VAR-201608-0244
CVE
CVE-2016-1478
TITLE
Cisco IOS Service disruption in (DoS) Vulnerabilities
Trust: 0.8
sources:
JVNDB: JVNDB-2016-004313
DESCRIPTION
Cisco IOS 15.5(3)S3, 15.6(1)S2, 15.6(2)S1, and 15.6(2)T1 does not properly dequeue invalid NTP packets, which allows remote attackers to cause a denial of service (interface wedge) by sending many crafted NTP packets, aka Bug ID CSCva35619. Cisco IOS is an operating system developed by Cisco Systems for its network devices. Cisco IOS Software is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCva35619
Trust: 2.52
sources:
NVD: CVE-2016-1478 //
JVNDB: JVNDB-2016-004313 //
CNVD: CNVD-2016-06186 //
BID: 92317 //
VULHUB: VHN-90297
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2016-06186
AFFECTED PRODUCTS
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.5\(3\)s3 | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.6\(1\)s2 | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.6\(2\)t1 | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.6\(2\)s1 | Trust: 1.6 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.5(3)s3 | Trust: 0.8 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.6(1)s2 | Trust: 0.8 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.6(2)s1 | Trust: 0.8 |
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.6(2)t1 | Trust: 0.8 |
| vendor: | cisco | model: | ios xe | scope: | eq | version: | 3.16.3s | Trust: 0.8 |
| vendor: | cisco | model: | ios xe | scope: | eq | version: | 3.17.2s | Trust: 0.8 |
| vendor: | cisco | model: | ios xe | scope: | eq | version: | 3.18.1s | Trust: 0.8 |
| vendor: | cisco | model: | ios software 15.5 s3 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ios software 15.6 s2 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ios software 15.6 s1 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ios software 15.6 t1 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | ios xe 3.18.1s | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios xe 3.17.2s | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios xe 3.16.3s | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 15.6 t1 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 15.6 s1 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 15.6 s2 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 15.5 s3 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios xe 3.18.0sp | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 15.6 m | scope: | ne | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 15.6 sp | scope: | ne | version: | - | Trust: 0.3 |
sources:
CNVD: CNVD-2016-06186 //
BID: 92317 //
JVNDB: JVNDB-2016-004313 //
CNNVD: CNNVD-201608-180 //
NVD: CVE-2016-1478
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2016-06186 //
VULHUB: VHN-90297 //
JVNDB: JVNDB-2016-004313 //
CNNVD: CNNVD-201608-180 //
NVD: CVE-2016-1478
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.9 |
sources:
VULHUB: VHN-90297 //
JVNDB: JVNDB-2016-004313 //
NVD: CVE-2016-1478
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201608-180
TYPE
input validation
Trust: 0.6
sources:
CNNVD: CNNVD-201608-180
CONFIGURATIONS
sources:
JVNDB: JVNDB-2016-004313
PATCH
| title: | cisco-sa-20160804-wedge | url: | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160804-wedge | Trust: 0.8 |
| title: | Patch for Cisco IOS Denial of Service Vulnerability (CNVD-2016-06186) | url: | https://www.cnvd.org.cn/patchInfo/show/80250 | Trust: 0.6 |
| title: | Cisco IOS Remediation measures for denial of service vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63571 | Trust: 0.6 |
sources:
CNVD: CNVD-2016-06186 //
JVNDB: JVNDB-2016-004313 //
CNNVD: CNNVD-201608-180
EXTERNAL IDS
| db: | NVD | id: | CVE-2016-1478 | Trust: 3.4 |
| db: | BID | id: | 92317 | Trust: 2.0 |
| db: | SECTRACK | id: | 1036541 | Trust: 1.1 |
| db: | JVNDB | id: | JVNDB-2016-004313 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201608-180 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2016-06186 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-90297 | Trust: 0.1 |
sources:
CNVD: CNVD-2016-06186 //
VULHUB: VHN-90297 //
BID: 92317 //
JVNDB: JVNDB-2016-004313 //
CNNVD: CNNVD-201608-180 //
NVD: CVE-2016-1478
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160804-wedge | Trust: 2.6 |
| url: | http://www.securityfocus.com/bid/92317 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id/1036541 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1478 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1478 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
sources:
CNVD: CNVD-2016-06186 //
VULHUB: VHN-90297 //
BID: 92317 //
JVNDB: JVNDB-2016-004313 //
CNNVD: CNNVD-201608-180 //
NVD: CVE-2016-1478
CREDITS
Cisco
Trust: 0.3
sources:
BID: 92317
SOURCES
| db: | CNVD | id: | CNVD-2016-06186 |
| db: | VULHUB | id: | VHN-90297 |
| db: | BID | id: | 92317 |
| db: | JVNDB | id: | JVNDB-2016-004313 |
| db: | CNNVD | id: | CNNVD-201608-180 |
| db: | NVD | id: | CVE-2016-1478 |
LAST UPDATE DATE
2025-04-13T23:37:28.405000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2016-06186 | date: | 2016-08-10T00:00:00 |
| db: | VULHUB | id: | VHN-90297 | date: | 2017-08-16T00:00:00 |
| db: | BID | id: | 92317 | date: | 2016-08-10T09:00:00 |
| db: | JVNDB | id: | JVNDB-2016-004313 | date: | 2016-08-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-201608-180 | date: | 2016-08-08T00:00:00 |
| db: | NVD | id: | CVE-2016-1478 | date: | 2025-04-12T10:46:40.837 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2016-06186 | date: | 2016-08-10T00:00:00 |
| db: | VULHUB | id: | VHN-90297 | date: | 2016-08-08T00:00:00 |
| db: | BID | id: | 92317 | date: | 2016-08-04T00:00:00 |
| db: | JVNDB | id: | JVNDB-2016-004313 | date: | 2016-08-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-201608-180 | date: | 2016-08-08T00:00:00 |
| db: | NVD | id: | CVE-2016-1478 | date: | 2016-08-08T00:59:09.203 |