CVE-2016-1347

The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment, aka Bug ID CSCuq59708.

Published: Mar 24, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-1347
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
cisco / ios	15.2(4)m7	15.2(4)m7.x
cisco / ios	15.4(3)m2	15.4(3)m2.x
cisco / ios	15.4(2)t1	15.4(2)t1.x
cisco / ios	15.4(1)t2	15.4(1)t2.x
cisco / ios	15.1(4)gc2	15.1(4)gc2.x
cisco / ios	15.4(2)t2	15.4(2)t2.x
cisco / ios	15.5(2)t3	15.5(2)t3.x
cisco / ios	15.4(3)m3	15.4(3)m3.x
cisco / ios	15.4(2)t3	15.4(2)t3.x
cisco / ios	15.5(3)m	15.5(3)m.x
cisco / ios	15.3(3)m	15.3(3)m.x
cisco / ios	15.3(3)m3	15.3(3)m3.x
cisco / ios	15.4(1)t	15.4(1)t.x
cisco / ios	15.4(2)t	15.4(2)t.x
cisco / ios	15.5(2)t2	15.5(2)t2.x
cisco / ios	15.4(1)t1	15.4(1)t1.x
cisco / ios	15.3(3)m6	15.3(3)m6.x
cisco / ios	15.2(4)jaz1	15.2(4)jaz1.x
cisco / ios	15.3(3)m4	15.3(3)m4.x
cisco / ios	15.5(2)t1	15.5(2)t1.x
cisco / ios	15.3(1)t2	15.3(1)t2.x
cisco / ios	15.4(3)m1	15.4(3)m1.x
cisco / ios	15.1(4)m6	15.1(4)m6.x
cisco / ios	15.4(3)m	15.4(3)m.x
cisco / ios	15.4(2)t4	15.4(2)t4.x
cisco / ios	15.1(4)xb7	15.1(4)xb7.x
cisco / ios	15.1(4)xb6	15.1(4)xb6.x
cisco / ios	15.1(4)xb8a	15.1(4)xb8a.x
cisco / ios	15.1(4)xb8	15.1(4)xb8.x
cisco / ios	15.1(4)xb4	15.1(4)xb4.x
cisco / ios	15.1(4)xb5	15.1(4)xb5.x
cisco / ios	15.1(4)xb5a	15.1(4)xb5a.x
cisco / ios	15.3(3)jaa1	15.3(3)jaa1.x

Vulnerability Database

290,206

CVE-2016-1347