1. Home
  2. CVE Database
  3. CVE-2016-1454
MEDIUM · 6.5

CVE-2016-1454

Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) ...

Vulnerability Description

Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
CiscoNx-Os< 6.0\(2\)u6\(7\)
CiscoNexus 3016-
CiscoNexus 3048-
CiscoNexus 31108Pc-V-
CiscoNexus 31108Tc-V-
CiscoNexus 31128Pq-
CiscoNexus 3132Q-
CiscoNexus 3132Q-V-
CiscoNexus 3164Q-
CiscoNexus 3172-
CiscoNexus 3232C-
CiscoNexus 3264Q-
Cisco5548P-
Cisco5548Up-
Cisco5596T-
Cisco5596Up-
Cisco56128P-
Cisco5624Q-
Cisco5648Q-
Cisco5672Up-

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2016-1454?

CVE-2016-1454 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) ...

How severe is CVE-2016-1454?

CVE-2016-1454 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-1454?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Nx-Os, Cisco Nexus 3016, Cisco Nexus 3048, Cisco Nexus 31108Pc-V, Cisco Nexus 31108Tc-V.