1. Home
  2. CVE Database
  3. CVE-2016-6399
HIGH · 7.5

CVE-2016-6399

Cisco ACE30 Application Control Engine Module through A5 3.3 and ACE 4700 Application Control Engine appliances through A5 3.3 allow remote attackers to cause a denial of service (device reload) via c...

Vulnerability Description

Cisco ACE30 Application Control Engine Module through A5 3.3 and ACE 4700 Application Control Engine appliances through A5 3.3 allow remote attackers to cause a denial of service (device reload) via crafted (1) SSL or (2) TLS packets, aka Bug ID CSCvb16317.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
CiscoAce Application Control Engine Module A17a
CiscoAce Application Control Engine Module A31.0
CiscoAce Application Control Engine Module A41.0
CiscoAce Application Control Engine Module A51.0
CiscoAce 4700 Series Application Control Engine Appliancea5\(1.0\)
CiscoAce 4700 Series Application Control Engine Appliance A17
CiscoAce 4700 Series Application Control Engine Appliance A31.0
CiscoAce 4700 Series Application Control Engine Appliance A41.0
CiscoAce 4700 Series Application Control Engine Appliance A53.1a

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2016-6399?

CVE-2016-6399 is a vulnerability with a CVSS score of 7.5 (HIGH). Cisco ACE30 Application Control Engine Module through A5 3.3 and ACE 4700 Application Control Engine appliances through A5 3.3 allow remote attackers to cause a denial of service (device reload) via c...

How severe is CVE-2016-6399?

CVE-2016-6399 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-6399?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ace Application Control Engine Module A1, Cisco Ace Application Control Engine Module A3, Cisco Ace Application Control Engine Module A4, Cisco Ace Application Control Engine Module A5, Cisco Ace 4700 Series Application Control Engine Appliance.