Security restrictions bypass in Cisco IOS - CVE-2016-6438
Published: October 12, 2016 / Updated: April 5, 2018
Vulnerability identifier: #VU942
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2016-6438
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco IOS
Cisco IOS
Detailed vulnerability description
The vulnerability allows a remote unauthenticated user to cause a configuration integrity change on the target device.
The vulnerability is due to a logic processing error. As the affected device is configured with the Downstream Resiliency and Downstream Resiliency Bonding Group features attackers can establish Telnet or SSH connections and trigger an integrity issue with the vty line configuration.
Successful exploitation of the vulnerability will result in a configuration integrity change to the vty line configuration.
The vulnerability is due to a logic processing error. As the affected device is configured with the Downstream Resiliency and Downstream Resiliency Bonding Group features attackers can establish Telnet or SSH connections and trigger an integrity issue with the vty line configuration.
Successful exploitation of the vulnerability will result in a configuration integrity change to the vty line configuration.
How to mitigate CVE-2016-6438
Update to fixed versions
15.6(1.7)SP1;
16.4(0.183);
16.5(0.1).
15.6(1.7)SP1;
16.4(0.183);
16.5(0.1).