CVE-2016-6385

Severity

78%

Complexity

99%

Confidentiality

115%

Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367.

Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367.

CVSS 3.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

CVSS 2.0 Base Score 7.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C).

Overview

Type

Cisco IOS

First reported 8 years ago

2016-10-05 20:59:00

Last updated 7 years ago

2017-07-30 01:29:00

Affected Software

Cisco IOS 12.2(35)EX

12.2\(35\)ex

Cisco IOS 12.2(35)EX1

12.2\(35\)ex1

Cisco IOS 12.2(35)EX2

12.2\(35\)ex2

Cisco IOS 12.2(35)SE

12.2\(35\)se

Cisco IOS 12.2(37)EX

12.2\(37\)ex

Cisco IOS 12.2(37)EY

12.2\(37\)ey

Cisco IOS 12.2(37)SE

12.2\(37\)se

Cisco IOS 12.2(37)SE1

12.2\(37\)se1

Cisco IOS 12.2(40)EX1

12.2\(40\)ex1

Cisco IOS 12.2(40)EX2

12.2\(40\)ex2

Cisco IOS 12.2(40)EX3

12.2\(40\)ex3

Cisco IOS 12.2(40)SE

12.2\(40\)se

Cisco IOS 12.2(40)SE1

12.2\(40\)se1

Cisco IOS 12.2(40)SE2

12.2\(40\)se2

Cisco IOS 12.2(44)EX

12.2\(44\)ex

Cisco IOS 12.2(44)EX1

12.2\(44\)ex1

Cisco IOS 12.2(44)SE1

12.2\(44\)se1

Cisco IOS 12.2(44)SE2

12.2\(44\)se2

Cisco IOS 12.2(44)SE3

12.2\(44\)se3

Cisco IOS 12.2(44)SE4

12.2\(44\)se4

Cisco IOS 12.2(44)SE5

12.2\(44\)se5

Cisco IOS 12.2(44)SE6

12.2\(44\)se6

Cisco IOS 12.2(46)EX

12.2\(46\)ex

Cisco IOS 12.2(46)EY

12.2\(46\)ey

Cisco IOS 12.2(46)SE

12.2\(46\)se

Cisco IOS 12.2(46)SE1

12.2\(46\)se1

Cisco IOS 12.2(46)SE2

12.2\(46\)se2

Cisco IOS 12.2(50)SE

12.2\(50\)se

Cisco IOS 12.2(50)SE1

12.2\(50\)se1

Cisco IOS 12.2(50)SE2

12.2\(50\)se2

Cisco IOS 12.2(50)SE3

12.2\(50\)se3

Cisco IOS 12.2(50)SE4

12.2\(50\)se4

Cisco IOS 12.2(50)SE5

12.2\(50\)se5

Cisco IOS 12.2(52)EX

12.2\(52\)ex

Cisco IOS 12.2(52)EX1

12.2\(52\)ex1

Cisco IOS 12.2 (52)SE

12.2\(52\)se

Cisco IOS 12.2 (52)SE1

12.2\(52\)se1

Cisco IOS 12.2(53)EX

12.2\(53\)ex

Cisco IOS 12.2(53)EY

12.2\(53\)ey

Cisco IOS 12.2(53)EZ

12.2\(53\)ez

Cisco IOS 12.2(53)SE

12.2\(53\)se

Cisco IOS 12.2(53)SE1

12.2\(53\)se1

Cisco IOS 12.2(53)SE2

12.2\(53\)se2

Cisco IOS 12.2(54)SE

12.2\(54\)se

Cisco IOS 12.2(55)EX

12.2\(55\)ex

Cisco IOS 12.2(55)EX1

12.2\(55\)ex1

Cisco IOS 12.2(55)EX2

12.2\(55\)ex2

Cisco IOS 12.2(55)EX3

12.2\(55\)ex3

Cisco IOS 12.2(55)EY

12.2\(55\)ey

Cisco IOS 12.2(55)EZ

12.2\(55\)ez

Cisco IOS 12.2(55)SE

12.2\(55\)se

Cisco IOS 12.2(55)SE1

12.2\(55\)se1

Cisco IOS 12.2(55)SE2

12.2\(55\)se2

Cisco IOS 12.2(55)SE3

12.2\(55\)se3

Cisco IOS 12.2(55)SE4

12.2\(55\)se4

Cisco IOS 12.2(55)SE5

12.2\(55\)se5

Cisco IOS 12.2(55)SE6

12.2\(55\)se6

Cisco IOS 12.2(55)SE7

12.2\(55\)se7

Cisco IOS 12.2(55)SE8

12.2\(55\)se8

Cisco IOS 12.2(55)SE9

12.2\(55\)se9

Cisco IOS 12.2(55)SE10

12.2\(55\)se10

Cisco IOS 12.2(58)EX

12.2\(58\)ex

Cisco IOS 12.2(58)EY

12.2\(58\)ey

Cisco IOS 12.2(58)EY1

12.2\(58\)ey1

Cisco IOS 12.2(58)EY2

12.2\(58\)ey2

Cisco IOS 12.2(58)EZ

12.2\(58\)ez

Cisco IOS 12.2(58)SE

12.2\(58\)se

Cisco IOS 12.2(58)SE1

12.2\(58\)se1

Cisco IOS 12.2(58)SE2

12.2\(58\)se2

Cisco IOS 12.2(60)EZ

12.2\(60\)ez

Cisco IOS 12.2(60)EZ1

12.2\(60\)ez1

Cisco IOS 12.2(60)EZ2

12.2\(60\)ez2

Cisco IOS 12.2(60)EZ3

12.2\(60\)ez3

Cisco IOS 12.2(60)EZ4

12.2\(60\)ez4

Cisco IOS 12.2(60)EZ5

12.2\(60\)ez5

Cisco IOS 12.2(60)EZ6

12.2\(60\)ez6

Cisco IOS 12.2(60)EZ7

12.2\(60\)ez7

Cisco IOS 12.2(60)EZ8

12.2\(60\)ez8

Cisco IOS 15.0(1)EX

15.0\(1\)ex

Cisco IOS 15.0(1)EY

15.0\(1\)ey

Cisco IOS 15.0(1)EY1

15.0\(1\)ey1

Cisco IOS 15.0(1)EY2

15.0\(1\)ey2

Cisco IOS 15.0 (1)SE

15.0\(1\)se

Cisco IOS 15.0(1)SE1

15.0\(1\)se1

Cisco IOS 15.0(1)SE2

15.0\(1\)se2

Cisco IOS 15.0(1)SE3

15.0\(1\)se3

Cisco IOS 15.0(2)EB

15.0\(2\)eb

Cisco IOS 15.0(2)EC

15.0\(2\)ec

Cisco IOS 15.0(2)ED

15.0\(2\)ed

Cisco IOS 15.0(2)ED1

15.0\(2\)ed1

Cisco IOS 15.0(2)EH

15.0\(2\)eh

Cisco IOS 15.0(2)EJ

15.0\(2\)ej

Cisco IOS 15.0(2)EJ1

15.0\(2\)ej1

Cisco IOS 15.0(2)EK

15.0\(2\)ek

Cisco IOS 15.0(2)EK1

15.0\(2\)ek1

Cisco IOS 15.0(2)EX

15.0\(2\)ex

Cisco IOS 15.0(2)EX1

15.0\(2\)ex1

Cisco IOS 15.0(2)EX2

15.0\(2\)ex2

Cisco IOS 15.0(2)EX3

15.0\(2\)ex3

Cisco IOS 15.0(2)EX4

15.0\(2\)ex4

Cisco IOS 15.0(2)EX5

15.0\(2\)ex5

Cisco IOS 15.0(2)EX8

15.0\(2\)ex8

Cisco IOS 15.0(2)EX10

15.0\(2\)ex10

Cisco IOS 15.0(2)EY

15.0\(2\)ey

Cisco IOS 15.0(2)EY1

15.0\(2\)ey1

Cisco IOS 15.0(2)EY2

15.0\(2\)ey2

Cisco IOS 15.0(2)EY3

15.0\(2\)ey3

Cisco IOS 15.0(2)EZ

15.0\(2\)ez

Cisco IOS 15.0(2)SE

15.0\(2\)se

Cisco IOS 15.0(2)SE1

15.0\(2\)se1

Cisco IOS 15.0(2)SE2

15.0\(2\)se2

Cisco IOS 15.0(2)SE3

15.0\(2\)se3

Cisco IOS 15.0(2)SE4

15.0\(2\)se4

Cisco IOS 15.0(2)SE5

15.0\(2\)se5

Cisco IOS 15.0(2)SE6

15.0\(2\)se6

Cisco IOS 15.0(2)SE7

15.0\(2\)se7

Cisco IOS 15.0(2)SE9

15.0\(2\)se9

Cisco IOS 15.0(2a)EX5

15.0\(2a\)ex5

Cisco IOS 15.0(2A)SE9

15.0\(2a\)se9

Cisco IOS 15.1(2)SG

15.1\(2\)sg

Cisco IOS 15.1(2)SG1

15.1\(2\)sg1

Cisco IOS 15.1(2)SG2

15.1\(2\)sg2

Cisco IOS 15.1(2)SG3

15.1\(2\)sg3

Cisco IOS 15.1(2)SG4

15.1\(2\)sg4

Cisco IOS 15.1(2)SG5

15.1\(2\)sg5

Cisco IOS 15.1(2)SG6

15.1\(2\)sg6

Cisco IOS 15.1(2)SG7

15.1\(2\)sg7

Cisco IOS 15.2(1)E

15.2\(1\)e

Cisco IOS 15.2(1)E1

15.2\(1\)e1

Cisco IOS 15.2(1)E2

15.2\(1\)e2

Cisco IOS 15.2(1)E3

15.2\(1\)e3

Cisco IOS 15.2(1)EY

15.2\(1\)ey

Cisco IOS 15.2(2)E

15.2\(2\)e

Cisco IOS 15.2(2)E1

15.2\(2\)e1

Cisco IOS 15.2(2)E2

15.2\(2\)e2

Cisco IOS 15.2(2)E4

15.2\(2\)e4

Cisco IOS 15.2(2)EB2

15.2\(2\)eb2

Cisco IOS 15.2(2a)E1

15.2\(2a\)e1

Cisco IOS 15.2(3)E

15.2\(3\)e

Cisco IOS 15.2(3)E1

15.2\(3\)e1

Cisco IOS 15.2(3)E3

15.2\(3\)e3

Cisco IOS 15.2(3a)E

15.2\(3a\)e

Cisco IOS 15.2(4)E

15.2\(4\)e

Cisco IOS 15.2(4)E1

15.2\(4\)e1

Cisco IOS 15.2(4M)E1

15.2\(4m\)e1

Cisco IOS XE 3.2.1SE

3.2.1se

Cisco IOS XE 3.2.2SE

3.2.2se

Cisco IOS XE 3.2.3SE

3.2.3se

Cisco IOS XE 3.3.0SE

3.3.0se

Cisco IOS XE 3.3.1SE

3.3.1se

Cisco IOS XE 3.5.0E

3.5.0e

Cisco IOS XE 3.5.1E

3.5.1e

Cisco IOS XE 3.5.2E

3.5.2e

Cisco IOS XE 3.7.5E

3.7.5e

Cisco IOS XE 3.8.2E

3.8.2e

References

20160928 Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability

Mitigation, Vendor Advisory

93203

Third Party Advisory, VDB Entry

1036914

https://ics-cert.us-cert.gov/advisories/ICSA-16-287-04

Third Party Advisory, US Government Resource

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.