CVE-2016-1347 — Vulnetix

CVE-2016-1347 PUBLISHED CVSS 7.5 HIGH

The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment, aka Bug ID CSCuq59708.

EPSS 4.32% · 89.1th percentile

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

4.32%

89.1th percentile

Affected Products

Vendor	Product	Versions
cisco	ios	*, 15.1\(4\)gc2, 15.1\(4\)xb4
n/a	n/a	*

Exploit Intelligence

20160323 Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability (circl)
1035380 (circl)

Timeline

Mar 23, 2016 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
May 25, 2023 EPSS Score
Jul 16, 2023 EPSS Score
Sep 7, 2023 EPSS Score

References

20160323 Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability vendor-advisory
1035380 vdb
https://nvd.nist.gov/vuln/detail/CVE-2016-1347 advisory

Open in Interactive Console →