Vulnerabilities > CVE-2016-6382 - Resource Management Errors vulnerability in Cisco IOS and IOS XE

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

cisco

CWE-399

nessus

NVD

Published: 2016-10-05

Updated: 2017-07-30

Summary

Cisco IOS 15.2 through 15.6 and IOS XE 3.6 through 3.17 and 16.1 allow remote attackers to cause a denial of service (device restart) via a malformed IPv6 Protocol Independent Multicast (PIM) register packet, aka Bug ID CSCuy16399.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS 15.2\(4\)Ea Cisco IOS 15.4\(2\)S2 Cisco IOS 15.5\(1\)T1 Cisco IOS 15.4\(2\)S4 Cisco IOS 15.2\(2\)Sy Cisco IOS 15.2\(3\)E2 Cisco IOS 15.5\(3\)S1A Cisco IOS 15.5\(1\)T3 Cisco IOS 15.2\(1\)Sy1A Cisco IOS 15.2\(1\)Sy Cisco IOS 15.4\(3\)S4 Cisco IOS 15.3\(3\)S5 Cisco IOS 15.4\(3\)M2 Cisco IOS 15.5\(1\)S2 Cisco IOS 15.4\(2\)T1 Cisco IOS 15.4\(1\)T2 Cisco IOS 15.2\(2\)Ea2 Cisco IOS 15.5\(3\)Sn Cisco IOS 15.4\(3\)S2 Cisco IOS 15.5\(2\)T Cisco IOS 15.5\(2\)S Cisco IOS 15.4\(1\)S Cisco IOS 15.3\(3\)S3 Cisco IOS 15.4\(2\)T2 Cisco IOS 15.2\(2\)Ea1 Cisco IOS 15.4\(1\)S1 Cisco IOS 15.5\(3\)M2 Cisco IOS 15.5\(2\)T3 Cisco IOS 15.2\(2A\)E1 Cisco IOS 15.5\(2\)S1 Cisco IOS 15.4\(3\)S5 Cisco IOS 15.2\(2\)E2 Cisco IOS 15.2\(3\)E3 Cisco IOS 15.2\(4\)E Cisco IOS 15.4\(3\)M3 Cisco IOS 15.2\(2\)E1 Cisco IOS 15.4\(2\)T3 Cisco IOS 15.5\(3\)M Cisco IOS 15.2\(4\)Ea1 Cisco IOS 15.3\(3\)S6 Cisco IOS 15.3\(3\)S1A Cisco IOS 15.3\(1\)Sy Cisco IOS 15.2\(2\)E Cisco IOS 15.2\(4\)Ea3 Cisco IOS 15.2\(2\)Eb2 Cisco IOS 15.4\(1\)T3 Cisco IOS 15.3\(3\)S7 Cisco IOS 15.2\(2\)Eb1 Cisco IOS 15.5\(3\)M1 Cisco IOS 15.4\(1\)S2 Cisco IOS 15.2\(3\)E Cisco IOS 15.4\(2\)Cg Cisco IOS 15.5\(3\)S2 Cisco IOS 15.2\(4M\)E1 Cisco IOS 15.2\(2\)Eb Cisco IOS 15.2\(2\)Sy1 Cisco IOS 15.2\(3M\)E2 Cisco IOS 15.5\(3\)S1 Cisco IOS 15.2\(3\)Ea Cisco IOS 15.2\(2\)E4 Cisco IOS 15.5\(3\)M0A Cisco IOS 15.5\(1\)T4 Cisco IOS 15.5\(1\)S1 Cisco IOS 15.4\(1\)T Cisco IOS 15.4\(1\)S3 Cisco IOS 15.4\(2\)T Cisco IOS 15.5\(2\)T2 Cisco IOS 15.5\(3\)S Cisco IOS 15.5\(1\)T Cisco IOS 15.4\(2\)S1 Cisco IOS 15.2\(3A\)E Cisco IOS 15.4\(1\)T1 Cisco IOS 15.6\(1\)T1 Cisco IOS 15.2\(4\)E1 Cisco IOS 15.4\(1\)S4 Cisco IOS 15.3\(3\)S4 Cisco IOS 15.4\(3\)M5 Cisco IOS 15.4\(3\)M4 Cisco IOS 15.4\(1\)Cg Cisco IOS 15.6\(1\)S1 Cisco IOS 15.6\(2\)T Cisco IOS 15.4\(2\)S Cisco IOS 15.6\(1\)T0A Cisco IOS 15.4\(3\)S Cisco IOS 15.2\(3\)E1 Cisco IOS 15.5\(1\)S Cisco IOS 15.6\(1\)S Cisco IOS 15.4\(3\)S3 Cisco IOS 15.5\(1\)T2 Cisco IOS 15.5\(1\)S3 Cisco IOS 15.5\(2\)T1 Cisco IOS 15.3\(3\)S1 Cisco IOS 15.2\(1\)Sy1 Cisco IOS 15.3\(3\)S Cisco IOS 15.5\(3\)S0A Cisco IOS 15.4\(3\)M1 Cisco IOS 15.4\(1\)T4 Cisco IOS 15.4\(3\)S1 Cisco IOS 15.4\(1\)Cg1 Cisco IOS 15.2\(2\)Ea3 Cisco IOS 15.4\(2\)S3 Cisco IOS 15.3\(3\)S2 Cisco IOS 15.4\(3\)M Cisco IOS 15.2\(1\)Sy0A Cisco IOS 15.5\(2\)S2 Cisco IOS 15.4\(2\)T4 Cisco IOS 15.6\(1\)T Cisco IOS XE 3.13.2S Cisco IOS XE 3.10.6S Cisco IOS XE 3.15.1Cs Cisco IOS XE 3.13.4S Cisco IOS XE 3.13.0S Cisco IOS XE 3.7.1E Cisco IOS XE 3.6.4E Cisco IOS XE 16.1.2 Cisco IOS XE 3.16.0S Cisco IOS XE 3.14.1S Cisco IOS XE 3.12.2S Cisco IOS XE 3.6.0E Cisco IOS XE 3.10.5S Cisco IOS XE 3.10.1S Cisco IOS XE 3.17.1As Cisco IOS XE 3.6.2Ae Cisco IOS XE 3.10.2S Cisco IOS XE 3.16.2S Cisco IOS XE 3.16.0Cs Cisco IOS XE 3.13.5S Cisco IOS XE 3.11.2S Cisco IOS XE 3.15.0S Cisco IOS XE 3.13.5As Cisco IOS XE 3.14.3S Cisco IOS XE 3.10.1Xbs Cisco IOS XE 3.11.3S Cisco IOS XE 3.10.2Ts Cisco IOS XE 3.10.3S Cisco IOS XE 3.14.0S Cisco IOS XE 3.6.2E Cisco IOS XE 3.10.7S Cisco IOS XE 3.16.1S Cisco IOS XE 3.11.0S Cisco IOS XE 3.12.0As Cisco IOS XE 3.15.1S Cisco IOS XE 16.1.1 Cisco IOS XE 3.10.0S Cisco IOS XE 3.7.3E Cisco IOS XE 3.17.0S Cisco IOS XE 3.7.2E Cisco IOS XE 3.6.3E Cisco IOS XE 3.8.1E Cisco IOS XE 3.17.1S Cisco IOS XE 3.15.2S Cisco IOS XE 3.14.2S Cisco IOS XE 3.16.2Bs Cisco IOS XE 3.16.1As Cisco IOS XE 3.12.0S Cisco IOS XE 3.12.1S Cisco IOS XE 3.12.4S Cisco IOS XE 3.13.3S Cisco IOS XE 3.7.0E Cisco IOS XE 3.6.1E Cisco IOS XE 3.13.2As Cisco IOS XE 3.11.4S Cisco IOS XE 3.13.0As Cisco IOS XE 3.12.3S Cisco IOS XE 3.13.1S Cisco IOS XE 3.10.4S Cisco IOS XE 3.8.0E Cisco IOS XE 3.16.2As Cisco IOS XE 3.11.1S	169

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Nessus

NASL family	CISCO
NASL id	CISCO-SA-20160928-MSDP-IOSXE.NASL
description	According to its self-reported version number and configuration, the remote Cisco IOS XE device is affected by multiple denial of service vulnerabilities : - A denial of service vulnerability exists due to improper validation of packets encapsulated in a PIM register message. An unauthenticated, remote attacker can exploit this, by sending an IPv6 PIM register packet to a PIM rendezvous point (RP), to cause the device to restart. (CVE-2016-6382) - A denial of service vulnerability exists in the IPv4 Multicast Source Discovery Protocol (MSDP) implementation due to improper validation of Source-Active (SA) messages received from a configured MSDP peer. An unauthenticated, remote attacker can exploit this to cause the device to restart. (CVE-2016-6392)
last seen	2020-06-01
modified	2020-06-02
plugin id	93898
published	2016-10-07
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/93898
title	Cisco IOS XE Multicast Routing Multiple DoS (cisco-sa-20160928-msdp)

NASL family	CISCO
NASL id	CISCO-SA-20160928-MSDP.NASL
description	According to its self-reported version number and configuration, the remote Cisco IOS device is affected by multiple denial of service vulnerabilities : - A denial of service vulnerability exists due to improper validation of packets encapsulated in a PIM register message. An unauthenticated, remote attacker can exploit this, by sending an IPv6 PIM register packet to a PIM rendezvous point (RP), to cause the device to restart. (CVE-2016-6382) - A denial of service vulnerability exists in the IPv4 Multicast Source Discovery Protocol (MSDP) implementation due to improper validation of Source-Active (SA) messages received from a configured MSDP peer. An unauthenticated, remote attacker can exploit this to cause the device to restart. (CVE-2016-6392)
last seen	2020-06-01
modified	2020-06-02
plugin id	93899
published	2016-10-07
reporter	This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/93899
title	Cisco IOS Multicast Routing Multiple DoS (cisco-sa-20160928-msdp)

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References