CVE-2016-1348
First published: Sat Mar 26 2016(Updated: )
Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS XE Web UI | =3.3xo_3.3.0xo | |
| Cisco IOS XE Web UI | =3.3xo_3.3.1xo | |
| Cisco IOS XE Web UI | =3.3xo_3.3.2xo | |
| Cisco IOS XE Web UI | =3.5e_3.5.0e | |
| Cisco IOS XE Web UI | =3.5e_3.5.1e | |
| Cisco IOS XE Web UI | =3.5e_3.5.2e | |
| Cisco IOS XE Web UI | =3.5e_3.5.3e | |
| Cisco IOS XE Web UI | =3.5s_3.5.0s | |
| Cisco IOS XE Web UI | =3.5s_3.5.1s | |
| Cisco IOS XE Web UI | =3.5s_3.5.2s | |
| Cisco IOS XE Web UI | =3.6e_3.6.0e | |
| Cisco IOS XE Web UI | =3.6e_3.6.1e | |
| Cisco IOS XE Web UI | =3.6e_3.6.2ae | |
| Cisco IOS XE Web UI | =3.6e_3.6.2e | |
| Cisco IOS XE Web UI | =3.6e_3.6.3e | |
| Cisco IOS XE Web UI | =3.6s_3.6.0s | |
| Cisco IOS XE Web UI | =3.6s_3.6.1s | |
| Cisco IOS XE Web UI | =3.6s_3.6.2s | |
| Cisco IOS XE Web UI | =3.7e_3.7.0e | |
| Cisco IOS XE Web UI | =3.7e_3.7.1e | |
| Cisco IOS XE Web UI | =3.7e_3.7.2e | |
| Cisco IOS XE Web UI | =3.7s_3.7.0s | |
| Cisco IOS XE Web UI | =3.7s_3.7.1s | |
| Cisco IOS XE Web UI | =3.7s_3.7.2s | |
| Cisco IOS XE Web UI | =3.7s_3.7.2ts | |
| Cisco IOS XE Web UI | =3.7s_3.7.3s | |
| Cisco IOS XE Web UI | =3.7s_3.7.4as | |
| Cisco IOS XE Web UI | =3.7s_3.7.4s | |
| Cisco IOS XE Web UI | =3.7s_3.7.5s | |
| Cisco IOS XE Web UI | =3.7s_3.7.6s | |
| Cisco IOS XE Web UI | =3.7s_3.7.7s | |
| Cisco IOS XE Web UI | =3.8e_3.8.0e | |
| Cisco IOS XE Web UI | =3.8s_3.8.0s | |
| Cisco IOS XE Web UI | =3.8s_3.8.1s | |
| Cisco IOS XE Web UI | =3.8s_3.8.2s | |
| Cisco IOS XE Web UI | =3.9s_3.9.0as | |
| Cisco IOS XE Web UI | =3.9s_3.9.0s | |
| Cisco IOS XE Web UI | =3.9s_3.9.1as | |
| Cisco IOS XE Web UI | =3.9s_3.9.1s | |
| Cisco IOS XE Web UI | =3.9s_3.9.2s | |
| Cisco IOS XE Web UI | =3.10s_3.10.0s | |
| Cisco IOS XE Web UI | =3.10s_3.10.1s | |
| Cisco IOS XE Web UI | =3.10s_3.10.1xbs | |
| Cisco IOS XE Web UI | =3.10s_3.10.2s | |
| Cisco IOS XE Web UI | =3.10s_3.10.3s | |
| Cisco IOS XE Web UI | =3.10s_3.10.4s | |
| Cisco IOS XE Web UI | =3.10s_3.10.5s | |
| Cisco IOS XE Web UI | =3.10s_3.10.6s | |
| Cisco IOS XE Web UI | =3.11s_3.11.0s | |
| Cisco IOS XE Web UI | =3.11s_3.11.1s | |
| Cisco IOS XE Web UI | =3.11s_3.11.2s | |
| Cisco IOS XE Web UI | =3.11s_3.11.3s | |
| Cisco IOS XE Web UI | =3.11s_3.11.4s | |
| Cisco IOS XE Web UI | =3.12s_3.12.0s | |
| Cisco IOS XE Web UI | =3.12s_3.12.1s | |
| Cisco IOS XE Web UI | =3.12s_3.12.2s | |
| Cisco IOS XE Web UI | =3.12s_3.12.3s | |
| Cisco IOS XE Web UI | =3.12s_3.12.4s | |
| Cisco IOS XE Web UI | =3.13s_3.13.0as | |
| Cisco IOS XE Web UI | =3.13s_3.13.0s | |
| Cisco IOS XE Web UI | =3.13s_3.13.1s | |
| Cisco IOS XE Web UI | =3.13s_3.13.2as | |
| Cisco IOS XE Web UI | =3.13s_3.13.2s | |
| Cisco IOS XE Web UI | =3.13s_3.13.3s | |
| Cisco IOS XE Web UI | =3.13s_3.13.4s | |
| Cisco IOS XE Web UI | =3.14s_3.14.0s | |
| Cisco IOS XE Web UI | =3.14s_3.14.1s | |
| Cisco IOS XE Web UI | =3.14s_3.14.2s | |
| Cisco IOS XE Web UI | =3.14s_3.14.3s | |
| Cisco IOS XE Web UI | =3.15s_3.15.0s | |
| Cisco IOS XE Web UI | =3.15s_3.15.1cs | |
| Cisco IOS XE Web UI | =3.15s_3.15.1s | |
| Cisco IOS XE Web UI | =3.15s_3.15.2s | |
| Cisco IOS XE Web UI | =3.16s_3.16.0cs | |
| Cisco IOS XE Web UI | =3.16s_3.16.0s | |
| Cisco IOS XE Web UI | =3.16s_3.16.1as | |
| Cisco IOS XE Web UI | =3.16s_3.16.1s | |
| NETGEAR JR6150 | <2017-01-06 | |
| Samsung X14J eu | =t-ms14jakucb-1102.5 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =snv_124 | |
| Zyxel GS1900-10HP firmware | <2.50\(aazi.0\)c0 | |
| zzinc KeyMouse | =3.08 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-1348?
CVE-2016-1348 has a severity rating of high due to its potential to cause a denial of service.
How do I fix CVE-2016-1348?
To fix CVE-2016-1348, upgrade affected Cisco IOS and IOS XE versions to a patched release available from Cisco.
What systems are affected by CVE-2016-1348?
CVE-2016-1348 affects Cisco IOS versions 15.0 through 15.5 and IOS XE versions 3.3 through 3.16.
What type of attack is possible with CVE-2016-1348?
CVE-2016-1348 allows remote attackers to exploit a denial of service by sending crafted DHCPv6 Relay messages.
Is there a workaround for CVE-2016-1348?
There are no official workarounds for CVE-2016-1348, so upgrading to fixed versions is recommended.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco ios xe web ui
- version/cisco ios xe web ui/3.3xo_3.3.0xo
- version/cisco ios xe web ui/3.3xo_3.3.1xo
- version/cisco ios xe web ui/3.3xo_3.3.2xo
- version/cisco ios xe web ui/3.5e_3.5.0e
- version/cisco ios xe web ui/3.5e_3.5.1e
- version/cisco ios xe web ui/3.5e_3.5.2e
- version/cisco ios xe web ui/3.5e_3.5.3e
- version/cisco ios xe web ui/3.5s_3.5.0s
- version/cisco ios xe web ui/3.5s_3.5.1s
- version/cisco ios xe web ui/3.5s_3.5.2s
- version/cisco ios xe web ui/3.6e_3.6.0e
- version/cisco ios xe web ui/3.6e_3.6.1e
- version/cisco ios xe web ui/3.6e_3.6.2ae
- version/cisco ios xe web ui/3.6e_3.6.2e
- version/cisco ios xe web ui/3.6e_3.6.3e
- version/cisco ios xe web ui/3.6s_3.6.0s
- version/cisco ios xe web ui/3.6s_3.6.1s
- version/cisco ios xe web ui/3.6s_3.6.2s
- version/cisco ios xe web ui/3.7e_3.7.0e
- version/cisco ios xe web ui/3.7e_3.7.1e
- version/cisco ios xe web ui/3.7e_3.7.2e
- version/cisco ios xe web ui/3.7s_3.7.0s
- version/cisco ios xe web ui/3.7s_3.7.1s
- version/cisco ios xe web ui/3.7s_3.7.2s
- version/cisco ios xe web ui/3.7s_3.7.2ts
- version/cisco ios xe web ui/3.7s_3.7.3s
- version/cisco ios xe web ui/3.7s_3.7.4as
- version/cisco ios xe web ui/3.7s_3.7.4s
- version/cisco ios xe web ui/3.7s_3.7.5s
- version/cisco ios xe web ui/3.7s_3.7.6s
- version/cisco ios xe web ui/3.7s_3.7.7s
- version/cisco ios xe web ui/3.8e_3.8.0e
- version/cisco ios xe web ui/3.8s_3.8.0s
- version/cisco ios xe web ui/3.8s_3.8.1s
- version/cisco ios xe web ui/3.8s_3.8.2s
- version/cisco ios xe web ui/3.9s_3.9.0as
- version/cisco ios xe web ui/3.9s_3.9.0s
- version/cisco ios xe web ui/3.9s_3.9.1as
- version/cisco ios xe web ui/3.9s_3.9.1s
- version/cisco ios xe web ui/3.9s_3.9.2s
- version/cisco ios xe web ui/3.10s_3.10.0s
- version/cisco ios xe web ui/3.10s_3.10.1s
- version/cisco ios xe web ui/3.10s_3.10.1xbs
- version/cisco ios xe web ui/3.10s_3.10.2s
- version/cisco ios xe web ui/3.10s_3.10.3s
- version/cisco ios xe web ui/3.10s_3.10.4s
- version/cisco ios xe web ui/3.10s_3.10.5s
- version/cisco ios xe web ui/3.10s_3.10.6s
- version/cisco ios xe web ui/3.11s_3.11.0s
- version/cisco ios xe web ui/3.11s_3.11.1s
- version/cisco ios xe web ui/3.11s_3.11.2s
- version/cisco ios xe web ui/3.11s_3.11.3s
- version/cisco ios xe web ui/3.11s_3.11.4s
- version/cisco ios xe web ui/3.12s_3.12.0s
- version/cisco ios xe web ui/3.12s_3.12.1s
- version/cisco ios xe web ui/3.12s_3.12.2s
- version/cisco ios xe web ui/3.12s_3.12.3s
- version/cisco ios xe web ui/3.12s_3.12.4s
- version/cisco ios xe web ui/3.13s_3.13.0as
- version/cisco ios xe web ui/3.13s_3.13.0s
- version/cisco ios xe web ui/3.13s_3.13.1s
- version/cisco ios xe web ui/3.13s_3.13.2as
- version/cisco ios xe web ui/3.13s_3.13.2s
- version/cisco ios xe web ui/3.13s_3.13.3s
- version/cisco ios xe web ui/3.13s_3.13.4s
- version/cisco ios xe web ui/3.14s_3.14.0s
- version/cisco ios xe web ui/3.14s_3.14.1s
- version/cisco ios xe web ui/3.14s_3.14.2s
- version/cisco ios xe web ui/3.14s_3.14.3s
- version/cisco ios xe web ui/3.15s_3.15.0s
- version/cisco ios xe web ui/3.15s_3.15.1cs
- version/cisco ios xe web ui/3.15s_3.15.1s
- version/cisco ios xe web ui/3.15s_3.15.2s
- version/cisco ios xe web ui/3.16s_3.16.0cs
- version/cisco ios xe web ui/3.16s_3.16.0s
- version/cisco ios xe web ui/3.16s_3.16.1as
- version/cisco ios xe web ui/3.16s_3.16.1s
- vendor/netgear
- canonical/netgear jr6150
- vendor/samsung
- canonical/samsung x14j eu
- version/samsung x14j eu/t-ms14jakucb-1102.5
- vendor/sun
- canonical/oracle solaris and zettabyte file system (zfs)
- version/oracle solaris and zettabyte file system (zfs)/snv_124
- vendor/zyxel
- canonical/zyxel gs1900-10hp firmware
- vendor/zzinc
- canonical/zzinc keymouse
- version/zzinc keymouse/3.08