VDB
CVE-2016-1409
CVE-2016-1409
PUBLISHED
CVSS 5 MEDIUM
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016.
EPSS 4.85% · 89.7th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
4.85%
89.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | nx-os | *, 5.0\(3\), 5.0\(3\)n2\(1\) |
| cisco | ios_xe | 2.1.0, 2.1.1, 2.1.3 |
| cisco | ios | *, *, * |
| n/a | n/a | n/a |
| cisco | ios_xr | 2.0.0, 3.0.0, 3.2.0 |
| Cisco | N/A |
Exploit Intelligence
- 20160525 Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability (circl)
- 1035964 (circl)
- 90872 (circl)
- 1035965 (circl)
- 1035962 (circl)
- 1036651 (circl)
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-ipv6-en (circl)
- 1035963 (circl)
Timeline
- May 25, 2016 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
- Oct 29, 2023 EPSS Score
- Dec 21, 2023 EPSS Score
References
- http://www.securitytracker.com/id/1035962 advisory
- http://www.securitytracker.com/id/1035963 advisory
- http://www.securitytracker.com/id/1035964 advisory
- http://www.securitytracker.com/id/1035965 advisory
- http://www.securityfocus.com/bid/90872 advisory
- 20160525 Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability vendor-advisory
- 1036651 vdb
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-ipv6-en url
- https://nvd.nist.gov/vuln/detail/CVE-2016-1409 advisory