Vulnerabilities > CVE-2016-1347 - Resource Management Errors vulnerability in Cisco IOS
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment, aka Bug ID CSCuq59708.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
| NASL family | CISCO |
| NASL id | CISCO-SA-20160323-L4F.NASL |
| description | The version of Cisco IOS running on the remote device is affected by a denial of service vulnerability in the Wide Area Application Services (WAAS) Express feature due to improper validation of TCP segments. An unauthenticated, remote attacker can exploit this, via a crafted TCP segment, to cause the device to reload, resulting in a denial of service condition. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 93562 |
| published | 2016-09-16 |
| reporter | This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/93562 |
| title | Cisco IOS Software Wide Area Application Services Express DoS |