What is the severity of CVE-2016-6438?

CVE-2016-6438 has been assigned a Cisco severity rating of 'High'.

How do I fix CVE-2016-6438?

To mitigate CVE-2016-6438, upgrade your Cisco IOS XE software to the latest version specified in the advisory.

What devices are affected by CVE-2016-6438?

CVE-2016-6438 impacts Cisco cBR-8 Converged Broadband Routers running specific versions of Cisco IOS XE software.

Can CVE-2016-6438 be exploited remotely?

Yes, CVE-2016-6438 can be exploited by an unauthenticated remote attacker.

What type of impact does CVE-2016-6438 have on affected devices?

CVE-2016-6438 may cause unauthorized changes to the vty line configuration on affected Cisco devices.

Vulnerability/
CVE-2016-6438

medium

5.9

CWE

264

27/10/2016

6/8/2024

CVE-2016-6438

First published: Thu Oct 27 2016(Updated: )

A vulnerability in Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause a configuration integrity change to the vty line configuration on an affected device. This vulnerability affects the following releases of Cisco IOS XE Software running on Cisco cBR-8 Converged Broadband Routers: All 3.16S releases, All 3.17S releases, Release 3.18.0S, Release 3.18.1S, Release 3.18.0SP. More Information: CSCuz62815. Known Affected Releases: 15.5(3)S2.9, 15.6(2)SP. Known Fixed Releases: 15.6(1.7)SP1, 16.4(0.183), 16.5(0.1).

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco IOS XE Software	=3.16.0cs
Cisco IOS XE Software	=3.16.0s
Cisco IOS XE Software	=3.16.1as
Cisco IOS XE Software	=3.16.1s
Cisco IOS XE Software	=3.16.2as
Cisco IOS XE Software	=3.16.2bs
Cisco IOS XE Software	=3.16.2s
Cisco IOS XE Software	=3.16.3as
Cisco IOS XE Software	=3.16.3s
Cisco IOS XE Software	=3.16.4s
Cisco IOS XE Software	=3.17.0s
Cisco IOS XE Software	=3.17.1as
Cisco IOS XE Software	=3.17.1s
Cisco IOS XE Software	=3.17.2s
Cisco IOS XE Software	=3.18.0s
Cisco IOS XE Software	=3.18.0sp
Cisco IOS XE Software	=3.18.1s

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-6438?
CVE-2016-6438 has been assigned a Cisco severity rating of 'High'.
How do I fix CVE-2016-6438?
To mitigate CVE-2016-6438, upgrade your Cisco IOS XE software to the latest version specified in the advisory.
What devices are affected by CVE-2016-6438?
CVE-2016-6438 impacts Cisco cBR-8 Converged Broadband Routers running specific versions of Cisco IOS XE software.
Can CVE-2016-6438 be exploited remotely?
Yes, CVE-2016-6438 can be exploited by an unauthenticated remote attacker.
What type of impact does CVE-2016-6438 have on affected devices?
CVE-2016-6438 may cause unauthorized changes to the vty line configuration on affected Cisco devices.

agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/last-modified-date
agent/references
agent/severity
agent/weakness
agent/event
agent/first-publish-date
agent/description
agent/trending
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco ios xe
version/cisco ios xe/3.16.0cs
version/cisco ios xe/3.16.0s
version/cisco ios xe/3.16.1as
version/cisco ios xe/3.16.1s
version/cisco ios xe/3.16.2as
version/cisco ios xe/3.16.2bs
version/cisco ios xe/3.16.2s
version/cisco ios xe/3.16.3as
version/cisco ios xe/3.16.3s
version/cisco ios xe/3.16.4s
version/cisco ios xe/3.17.0s
version/cisco ios xe/3.17.1as
version/cisco ios xe/3.17.1s
version/cisco ios xe/3.17.2s
version/cisco ios xe/3.18.0s
version/cisco ios xe/3.18.0sp
version/cisco ios xe/3.18.1s