Vulnerability Database

346,508

Total vulnerabilities in the database

CVE-2016-6391 — cisco / ios

Resource Management Errors

Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause a denial of service (traffic-processing outage) via a crafted series of Common Industrial Protocol (CIP) requests, aka Bug ID CSCur69036.

  • Published: Oct 5, 2016
  • Updated: Nov 9, 2025
  • CVE: CVE-2016-6391
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.8
  • AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

Software From Fixed in
cisco / ios 15.3(3)jnb3 15.3(3)jnb3.x
cisco / ios 15.0(1)ey 15.0(1)ey.x
cisco / ios 15.3(3)jb 15.3(3)jb.x
cisco / ios 15.3(3)jnb2 15.3(3)jnb2.x
cisco / ios 15.3(3)jaa 15.3(3)jaa.x
cisco / ios 15.3(3)jab 15.3(3)jab.x
cisco / ios 15.0(2)ey1 15.0(2)ey1.x
cisco / ios 12.2(55)se10 12.2(55)se10.x
cisco / ios 12.2(46)se 12.2(46)se.x
cisco / ios 15.3(3)jbb2 15.3(3)jbb2.x
cisco / ios 15.3(3)jc 15.3(3)jc.x
cisco / ios 15.3(3)ja77 15.3(3)ja77.x
cisco / ios 15.3(3)jnc1 15.3(3)jnc1.x
cisco / ios 12.2(44)ex1 12.2(44)ex1.x
cisco / ios 15.3(3)jbb5 15.3(3)jbb5.x
cisco / ios 15.0(2)ey 15.0(2)ey.x
cisco / ios 15.0(2)eb 15.0(2)eb.x
cisco / ios 15.3(3)jnp 15.3(3)jnp.x
cisco / ios 12.2(46)se2 12.2(46)se2.x
cisco / ios 15.3(3)jbb6a 15.3(3)jbb6a.x
cisco / ios 12.2(50)se3 12.2(50)se3.x
cisco / ios 15.3(3)jax 15.3(3)jax.x
cisco / ios 12.2(55)se8 12.2(55)se8.x
cisco / ios 15.3(3)jn3 15.3(3)jn3.x
cisco / ios 15.0(2)se4 15.0(2)se4.x
cisco / ios 15.0(2)ey2 15.0(2)ey2.x
cisco / ios 15.3(3)ja1 15.3(3)ja1.x
cisco / ios 15.2(2)e2 15.2(2)e2.x
cisco / ios 15.3(3)jnc 15.3(3)jnc.x
cisco / ios 12.2(55)se9 12.2(55)se9.x
cisco / ios 12.2(55)se7 12.2(55)se7.x
cisco / ios 15.3(3)jbb6 15.3(3)jbb6.x
cisco / ios 12.2(46)se1 12.2(46)se1.x
cisco / ios 15.3(3)ja8 15.3(3)ja8.x
cisco / ios 15.3(3)ja1n 15.3(3)ja1n.x
cisco / ios 12.2(55)se 12.2(55)se.x
cisco / ios 15.2(2)e1 15.2(2)e1.x
cisco / ios 15.3(3)ja9 15.3(3)ja9.x
cisco / ios 15.0(2)se3 15.0(2)se3.x
cisco / ios 15.3(3)jb75 15.3(3)jb75.x
cisco / ios 15.3(3)jnb 15.3(3)jnb.x
cisco / ios 15.2(2)e 15.2(2)e.x
cisco / ios 15.3(3)jn8 15.3(3)jn8.x
cisco / ios 15.0(2)se 15.0(2)se.x
cisco / ios 12.2(52)se1 12.2(52)se1.x
cisco / ios 15.0(2)se9 15.0(2)se9.x
cisco / ios 15.3(3)jnp1 15.3(3)jnp1.x
cisco / ios 15.0(2)se2 15.0(2)se2.x
cisco / ios 15.2(3)ea 15.2(3)ea.x
cisco / ios 12.2(55)se4 12.2(55)se4.x
cisco / ios 15.2(2)e4 15.2(2)e4.x
cisco / ios 12.2(50)se5 12.2(50)se5.x
cisco / ios 12.2(50)se1 12.2(50)se1.x
cisco / ios 12.2(55)se3 12.2(55)se3.x
cisco / ios 15.2(1)ey 15.2(1)ey.x
cisco / ios 15.3(3)jax2 15.3(3)jax2.x
cisco / ios 12.2(50)se2 12.2(50)se2.x
cisco / ios 15.0(2)se1 15.0(2)se1.x
cisco / ios 15.0(2)se7 15.0(2)se7.x
cisco / ios 15.0(2)se6 15.0(2)se6.x
cisco / ios 15.3(3)ja 15.3(3)ja.x
cisco / ios 15.0(1)ey1 15.0(1)ey1.x
cisco / ios 15.3(3)jbb50 15.3(3)jbb50.x
cisco / ios 12.2(50)se 12.2(50)se.x
cisco / ios 15.0(1)ey2 15.0(1)ey2.x
cisco / ios 15.3(3)jbb 15.3(3)jbb.x
cisco / ios 12.2(52)se 12.2(52)se.x
cisco / ios 12.2(55)se6 12.2(55)se6.x
cisco / ios 15.3(3)jbb4 15.3(3)jbb4.x
cisco / ios 15.3(3)jn4 15.3(3)jn4.x
cisco / ios 15.3(3)ja5 15.3(3)ja5.x
cisco / ios 15.0(2)se5 15.0(2)se5.x
cisco / ios 15.3(3)jbb8 15.3(3)jbb8.x
cisco / ios 12.2(44)ex 12.2(44)ex.x
cisco / ios 15.3(3)ja7 15.3(3)ja7.x
cisco / ios 12.2(58)se2 12.2(58)se2.x
cisco / ios 15.3(3)ja4 15.3(3)ja4.x
cisco / ios 15.0(2)ey3 15.0(2)ey3.x
cisco / ios 12.2(55)se5 12.2(55)se5.x
cisco / ios 15.3(3)jn7 15.3(3)jn7.x
cisco / ios 15.3(3)ja1m 15.3(3)ja1m.x
cisco / ios 15.3(3)jax1 15.3(3)jax1.x
cisco / ios 12.2(50)se4 12.2(50)se4.x
cisco / ios 15.3(3)jbb1 15.3(3)jbb1.x
cisco / ios 15.3(3)jnb1 15.3(3)jnb1.x

Frequently Asked Questions

A security vulnerability is a weakness in software, hardware, or configuration that can be exploited to compromise confidentiality, integrity, or availability. Many vulnerabilities are tracked as CVEs (Common Vulnerabilities and Exposures), which provide a standardized identifier so teams can coordinate patching, mitigation, and risk assessment across tools and vendors.

CVSS (Common Vulnerability Scoring System) estimates technical severity, but it doesn't automatically equal business risk. Prioritize using context like internet exposure, affected asset criticality, known exploitation (proof-of-concept or in-the-wild), and whether compensating controls exist. A "Medium" CVSS on an exposed, production system can be more urgent than a "Critical" on an isolated, non-production host.

A vulnerability is the underlying weakness. An exploit is the method or code used to take advantage of it. A zero-day is a vulnerability that is unknown to the vendor or has no publicly available fix when attackers begin using it. In practice, risk increases sharply when exploitation becomes reliable or widespread.

Recurring findings usually come from incomplete Asset Discovery, inconsistent patch management, inherited images, and configuration drift. In modern environments, you also need to watch the software supply chain: dependencies, containers, build pipelines, and third-party services can reintroduce the same weakness even after you patch a single host. Unknown or unmanaged assets (often called Shadow IT) are a common reason the same issues resurface.

Use a simple, repeatable triage model: focus first on externally exposed assets, high-value systems (identity, VPN, email, production), vulnerabilities with known exploits, and issues that enable remote code execution or privilege escalation. Then enforce patch SLAs and track progress using consistent metrics so remediation is steady, not reactive.

SynScan combines attack surface monitoring and continuous security auditing to keep your inventory current, flag high-impact vulnerabilities early, and help you turn raw findings into a practical remediation plan.