← Back

CVE-2016-1407

nvd nist
Published: May 25, 2016Modified: May 6, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576.

Affected (79)

Products: Cisco: Ios Xr
Cisco
1 product
Ios Xr
Configuration A
79 vulnerable · 6 platform
Vulnerable SoftwareAffected Versions
Cisco
Ios Xr
Version 2.0.0
Ios Xr
Version 3.0.0
Ios Xr
Version 3.0.1
Ios Xr
Version 3.2.0
Ios Xr
Version 3.2.1
Ios Xr
Version 3.2.2
Ios Xr
Version 3.2.3
Ios Xr
Version 3.2.4
Ios Xr
Version 3.2.50
Ios Xr
Version 3.2.6
Ios Xr
Version 3.3.0
Ios Xr
Version 3.3.1
Ios Xr
Version 3.3.2
Ios Xr
Version 3.3.3
Ios Xr
Version 3.3.4
Ios Xr
Version 3.4.0
Ios Xr
Version 3.4.1
Ios Xr
Version 3.4.2
Ios Xr
Version 3.4.3
Ios Xr
Version 3.5.0
Ios Xr
Version 3.5.2
Ios Xr
Version 3.5.3
Ios Xr
Version 3.5.4
Ios Xr
Version 3.6.0
Ios Xr
Version 3.6.1
Ios Xr
Version 3.6.2
Ios Xr
Version 3.6.3
Ios Xr
Version 3.6_base
Ios Xr
Version 3.7.0
Ios Xr
Version 3.7.1
Ios Xr
Version 3.7.2
Ios Xr
Version 3.7.3
Ios Xr
Version 3.7_base
Ios Xr
Version 3.8.0
Ios Xr
Version 3.8.1
Ios Xr
Version 3.8.2
Ios Xr
Version 3.8.3
Ios Xr
Version 3.8.4
Ios Xr
Version 3.9.0
Ios Xr
Version 3.9.1
Ios Xr
Version 3.9.2
Ios Xr
Version 3.9.3
Ios Xr
Version 4.0.0
Ios Xr
Version 4.0.11
Ios Xr
Version 4.0.1
Ios Xr
Version 4.0.2
Ios Xr
Version 4.0.3
Ios Xr
Version 4.0.4
Ios Xr
Version 4.0_base
Ios Xr
Version 4.1.0
Ios Xr
Version 4.1.1
Ios Xr
Version 4.1.2
Ios Xr
Version 4.1_base
Ios Xr
Version 4.2.0
Ios Xr
Version 4.2.1
Ios Xr
Version 4.2.2
Ios Xr
Version 4.2.3
Ios Xr
Version 4.2.4
Ios Xr
Version 4.3.0
Ios Xr
Version 4.3.1
Ios Xr
Version 4.3.2
Ios Xr
Version 4.3.3
Ios Xr
Version 4.3.4
Ios Xr
Version 5.0.0
Ios Xr
Version 5.0.1
Ios Xr
Version 5.0_base
Ios Xr
Version 5.1.0
Ios Xr
Version 5.1.1.k9sec
Ios Xr
Version 5.1.2
Ios Xr
Version 5.1.3
Ios Xr
Version 5.2.0
Ios Xr
Version 5.2.1
Ios Xr
Version 5.2.2
Ios Xr
Version 5.2.3
Ios Xr
Version 5.2.4
Ios Xr
Version 5.2.5
Ios Xr
Version 5.3.0
Ios Xr
Version 5.3.1
Ios Xr
Version 5.3.2
Running on/withPlatform Versions
Cisco
Asr 9001
All versions
Cisco
Asr 9006
All versions
Cisco
Asr 9010
All versions
Cisco
Asr 9904
All versions
Cisco
Asr 9912
All versions
Cisco
Asr 9922
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.