Multiple vulnerabilities in Cisco IOS XE
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2016-1349 CVE-2013-1146 CVE-2012-0385 CVE-2011-3271 |
| CWE-ID | CWE-399 CWE-404 CWE-20 CWE-264 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Cisco IOS XE Operating systems & Components / Operating system |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Resource management errors
EUVDB-ID: #VU11757
Risk: Medium
CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-1349
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.
The weakness exists due to incorrect handling of image list parameters. A remote attacker can send specially crafted Smart Install packets to TCP port 4786 and cause the service to crash.
Update to versions 15.2(5.5.64)E, 15.2(5.5.63)E, 15.2(5.1.3)E, 15.2(5)E, 15.2(4.1.13)E, 15.2(4.1.5a)E, 15.2(4.0.95a)E, 15.2(4)E3, 15.2(4)E2, 15.2(4)E1, 15.2(4)E, 15.2(3)E3, 15.2(2.0.2)EA3, 15.2(2)EA3, 15.2(2)E4, 15.1(2)SG7, 15.0(2.1.94)SG11, 15.0(2.1.91)SG11, 15.0(2)SG11, 15.0(2)SE9, 15.0(2)EX11, 15.0(2)EX10, 12.2(60)EZ9, 12.2(55)SE11, 3.9(0)E, 3.8(0)E, 3.7(3)E or 3.6(4)E.
Vulnerable software versionsCisco IOS XE: 15.2.1.1
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-smi
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper resource shutdown
EUVDB-ID: #VU11758
Risk: Medium
CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2013-1146
CWE-ID:
CWE-404 - Improper Resource Shutdown or Release
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.
The weakness exists due to an unspecified flaw. A remote attacker can cause the service to crash.
Update to versions 15.2(1)E, 15.0(2)SE4, 15.0(2)SE2, 15.0(2)SE1, 15.0(2)EY2, 15.0(2)EY1, 15.0(2)EY, 15.0(2)EX1, 15.0(2)EX, 15.0(2)ED1, 15.0(2)ED, 12.2(55)SE7, 12.2(55)SE10, 16.1(0.14), 15.7(3.1.11D)OT, 15.4(0.23)T, 15.3(3)M1, 15.3(3)M0.4, 15.3(3)JNB1, 15.3(3)JNB, 15.3(3)JN4, 15.3(3)JA77, 15.3(3)JA3, 15.3(3)JA2, 15.3(3)JA1m, 15.3(3)JA10, 15.3(3)JA1, 15.3(2)T1, 15.3(2)T, 15.3(2.3.1)CG, 15.3(1)T2, 15.3(1)T1, 15.3(1)T0.1, 15.3(1.14)PI22, 15.3(1.13)T, 15.3(1.13.1)PIH21, 15.3(1.9)T, 15.2(6.3.0i)E, 15.2(5.0)ST, 15.2(4)XB11, 15.2(4)M5, 15.2(4)M4, 15.2(4)M3, 15.2(4)M2.5, 15.2(4)GC1, 15.2(4)GC, 15.2(4.0)ST, 15.2(4.0.64a)E, 15.2(3)T3, 15.2(3)T2.1, 15.2(3)GCA1, 15.2(3)GC1, 15.2(2)T4, 15.2(2)T3, 15.2(2)JB4, 15.2(1)T4, 15.2(1)T3.2, 15.2(1)EX0.116, 15.2(1.2.3)PI22, 15.2(1.1)EY, 15.2(1.0.1)IPI2, 15.1(4)M6, 15.1(4)M5.14, 15.1(4)GC1, 15.1(2)SY, 15.1(2)SGN1.64, 15.1(2)SG3.0.1, 15.1(2)SG1, 15.1(2)SG1.0.79, 15.1(1)SY5, 15.1(1)SY4.28, 15.1(1)SY1, 15.1(1)SY1.57, 15.1(1)SY1.55, 15.1(1)SY1.32, 15.1(1)SY0.1, 15.1(1.33)SID, 15.0(10.16)EMW, 15.0(9.4)EMW, 15.0(9.2)EMD, 15.0(9.0)PKD, 15.0(5.0)SG1, 15.0(5.0.26)SG, 15.0(2)SE3, 15.0(2)EZ, 15.0(2)EJ, 15.0(2)EB, 15.0(2)EA1, 15.0(2)EA, 15.0(1.20)EZD, 15.0(1.15)UCT or 3.2(0)SE.
Vulnerable software versionsCisco IOS XE: 12.2.58 SE
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-smartinstall
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper input validation
EUVDB-ID: #VU11759
Risk: Medium
CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2012-0385
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.
The weakness exists in the Smart Install feature due to improper input validation when processing a malformed Smart Install message on TCP port 4786. A remote attacker can cause the service to crash.
Update to versions 15.2(2)E, 15.2(1)EY, 15.2(1)E3, 15.2(1)E2, 15.2(1)E1, 15.2(1)E, 15.0(2)SE6, 15.0(2)SE5, 15.0(2)SE4, 15.0(2)SE2, 15.0(2)SE1, 15.0(2)SE, 15.0(2)EY2, 15.0(2)EY1, 15.0(2)EY, 15.0(2)EX5, 15.0(2)EX4, 15.0(2)EX3, 15.0(2)EX1, 15.0(2)EX, 15.0(2)EK1, 15.0(2)EK, 15.0(2)ED, 15.0(1)SE3, 15.0(1)SE2, 15.0(1)SE1, 12.2(60)EZ5, 12.2(60)EZ4, 12.2(60)EZ3, 12.2(60)EZ2, 12.2(60)EZ1, 12.2(60)EZ, 12.2(55)SE9, 12.2(55)SE8, 12.2(55)SE7, 12.2(55)SE6, 12.2(55)SE5, 16.1(0.14), 15.4(3)M, 15.4(2)T1, 15.4(2)T, 15.4(2)CG, 15.4(1)T2, 15.4(1)T1, 15.4(1)T, 15.4(1)CG1, 15.4(1)CG, 15.3(3)XB12, 15.3(3)M3, 15.3(3)M2, 15.3(3)M1, 15.3(3)M, 15.3(2)T4, 15.3(2)T3, 15.3(2)T2, 15.3(2)T1, 15.3(2)T, 15.3(1)T4, 15.3(1)T3, 15.3(1)T2, 15.3(1)T1, 15.3(1)T, 15.2(5.0)ST, 15.2(4)XB11, 15.2(4)M6b, 15.2(4)M6a, 15.2(4)M6, 15.2(4)M5, 15.2(4)M4, 15.2(4)M3, 15.2(4)M2, 15.2(4)M1, 15.2(4)JB6, 15.2(4)JB5m, 15.2(4)JB5, 15.2(4)JB4, 15.2(4)JB3s, 15.2(4)JB3b, 15.2(4)JB3a, 15.2(4)JB3, 15.2(4)JB1, 15.2(4)JB, 15.2(4)JAZ, 15.2(4)JA1, 15.2(4)JA, 15.2(4)GC2, 15.2(4)GC1, 15.2(4)GC, 15.2(4.0)ST, 15.2(4.0.64a)E, 15.2(3)T4, 15.2(3)T3, 15.2(3)T2, 15.2(3)T1, 15.2(3)T, 15.2(3)GCA1, 15.2(3)GCA, 15.2(3)GC1, 15.2(3)GC, 15.2(3.30)PIP, 15.2(2)T4, 15.2(2)T3, 15.2(2)T1, 15.2(2)T0.2, 15.2(2)JB4, 15.2(2)GC, 15.2(2.14)PI19, 15.2(2.10)T, 15.2(2.9.5)PIH18, 15.2(1)T4, 15.2(1)T2, 15.2(1)T1.12, 15.2(1)GC2, 15.2(1)EX0.5, 15.1(4)XB7, 15.1(4)XB5a, 15.1(4)M9, 15.1(4)M8, 15.1(4)M7, 15.1(4)M6, 15.1(4)M5, 15.1(4)M4, 15.1(4)M3.2, 15.1(4)GC2, 15.1(4)GC1, 15.1(4)GC, 15.1(3)T4, 15.1(3)T3, 15.1(2)SY3, 15.1(2)SY2, 15.1(2)SY1, 15.1(2)SY, 15.1(2)STV11.1, 15.1(2)SIV11.7, 15.1(2)SG4, 15.1(2)SG3, 15.1(2)SG2, 15.1(2)SG1, 15.1(2)SG1.129, 15.1(2)SG, 15.1(1)SY3, 15.1(1)SY2, 15.1(1)SY1, 15.1(1)SY, 15.1(1)SG5.252, 15.1(1)SG5.251, 15.1(1)SG2, 15.1(1)SG2.1.1, 15.1(1)SG1, 15.1(1)SG, 15.1(1.5)SID, 15.1(1.4)DPB18, 15.1(0.9)SG3, 15.0(9.0)PKD, 15.0(7.1)EMW, 15.0(6.97)EMD, 15.0(2)SE3, 15.0(2)EZ, 15.0(2)EJ1, 15.0(2)EJ, 15.0(2)EH, 15.0(2)EC, 15.0(2)EB, 15.0(2)EA, 15.0(1)EY2, 12.2(58)EZ or 3.2(0)SE.
Vulnerable software versionsCisco IOS XE: 12.2.55 SE - 12.2.58 SE
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-smartinstall
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Remote code execution
EUVDB-ID: #VU11760
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2011-3271
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated attacker to execute arbitrary code on the target system.
The weakness exists due to an unspecified flaw. A remote attacker can execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
Update to versions 16.1(0.14), 15.4(3)M, 15.4(2)T1, 15.4(2)T, 15.4(2)CG, 15.4(1)T2, 15.4(1)T1, 15.4(1)T, 15.4(1)CG1, 15.4(1)CG, 15.3(3)XB12, 15.3(3)M3, 15.3(3)M2, 15.3(3)M1, 15.3(3)M, 15.3(2)T4, 15.3(2)T3, 15.3(2)T2, 15.3(2)T1, 15.3(2)T, 15.3(1)T4, 15.3(1)T3, 15.3(1)T2, 15.3(1)T1, 15.3(1)T, 15.2(5.0)ST, 15.2(4.0.64a)E, 15.2(4.0)ST, 15.2(4)XB11, 15.2(4)M6b, 15.2(4)M6a, 15.2(4)M6, 15.2(4)M5, 15.2(4)M4, 15.2(4)M3, 15.2(4)M2, 15.2(4)M1, 15.2(4)JB6, 15.2(4)JB5m, 15.2(4)JB5, 15.2(4)JB4, 15.2(4)JB3s, 15.2(4)JB3b, 15.2(4)JB3a, 15.2(4)JB3, 15.2(4)JB1, 15.2(4)JB, 15.2(4)JAZ, 15.2(4)JA1, 15.2(4)JA, 15.2(4)GC2, 15.2(4)GC1, 15.2(4)GC, 15.2(3)T4, 15.2(3)T3, 15.2(3)T2, 15.2(3)T1, 15.2(3)T, 15.2(3)GCA1, 15.2(3)GCA, 15.2(3)GC1, 15.2(3)GC, 15.2(2)T4, 15.2(2)T3, 15.2(2)T1, 15.2(2)T, 15.2(2)JB3, 15.2(2)JB2, 15.2(2)JB, 15.2(2)JAX, 15.2(2)JA1, 15.2(2)JA, 15.2(2)E, 15.2(1.0.0)IPI2, 15.2(1)T4, 15.2(1)T2, 15.2(1)T1, 15.2(1)T, 15.2(1)EY, 15.2(1)E3, 15.2(1)E2, 15.2(1)E1, 15.2(1)E, 15.2(0.19)T, 15.2(0.17.3)PIA17, 15.2(0.13.9)PIB17, 15.1(4)M9, 15.1(4)M8, 15.1(4)M7, 15.1(4)M6, 15.1(4)M5, 15.1(4)M4, 15.1(4)M3, 15.1(4)M2, 15.1(4)GC2, 15.1(4)GC1, 15.1(3)T4, 15.1(3)T3, 15.1(3)T2, 15.1(2)SY3, 15.1(2)SY2, 15.1(2)SY1, 15.1(2)SY, 15.1(2)SG4, 15.1(2)SG3, 15.1(2)SG2, 15.1(2)SG1, 15.1(2)SG, 15.1(1)SY3, 15.1(1)SY2, 15.1(1)SY1, 15.1(1)SY, 15.1(1)SG5.170, 15.1(1)SG5.169, 15.1(1)SG5.163, 15.1(1)SG5.124, 15.1(1)SG5.103, 15.1(1)SG5.98, 15.1(1)SG5.83.1, 15.1(1)SG5.78.11, 15.1(1)SG5.64, 15.1(1)SG5.63, 15.0(4.4)DPB1, 15.0(4.1)SID, 15.0(2.26)DPB1.47, 15.0(2)SE6, 15.0(2)SE5, 15.0(2)SE4, 15.0(2)SE3, 15.0(2)SE2, 15.0(2)SE1, 15.0(2)SE, 15.0(2)EZ, 15.0(2)EY2, 15.0(2)EY1, 15.0(2)EY, 15.0(2)EX5, 15.0(2)EX4, 15.0(2)EX3, 15.0(2)EX1, 15.0(2)EX, 15.0(2)EK1, 15.0(2)EK, 15.0(2)EJ1, 15.0(2)EJ, 15.0(2)EH, 15.0(2)ED, 15.0(2)EC, 15.0(2)EB, 15.0(2)EA, 15.0(1)SE3, 15.0(1)SE2, 15.0(1)SE, 15.0(1)EY2, 12.2(60)EZ5, 12.2(60)EZ4, 12.2(60)EZ3, 12.2(60)EZ2, 12.2(60)EZ1, 12.2(60)EZ, 12.2(58)SE2, 12.2(58)SE1, 12.2(58)SE, 12.2(58)EZ, 12.2(58)EY, 12.2(55)SE9, 12.2(55)SE8, 12.2(55)SE7, 12.2(55)SE6, 12.2(55)SE5, 12.2(55)SE4, 12.2(55)SE3 or 12.2(55)EX3.
Vulnerable software versionsCisco IOS XE: 12.2.55 SE - 12.2.58 SE
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
