CVE-2016-1349

NONE EPSS 78.2%
Published Mar 26, 201610y ago · Modified Jun 17, 20262w ago
Find Similar
Published Mar 26, 2016 10y ago
Last Modified Jun 17, 2026 2w ago

Description

The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.

Threat Intelligence

EPSS Exploit Probability
78.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-399

Affected Products 38

VendorProductVersionRange
ciscoios_xe3.2ja_3.2.0jaany
ciscoios_xe3.2se_3.2.0seany
ciscoios_xe3.2se_3.2.1seany
ciscoios_xe3.2se_3.2.2seany
ciscoios_xe3.2se_3.2.3seany
ciscoios_xe3.3se_3.3.0seany
ciscoios_xe3.3se_3.3.1seany
ciscoios_xe3.3se_3.3.2seany
ciscoios_xe3.3se_3.3.3seany
ciscoios_xe3.3se_3.3.4seany
ciscoios_xe3.3se_3.3.5seany
ciscoios_xe3.3xo_3.3.0xoany
ciscoios_xe3.3xo_3.3.1xoany
ciscoios_xe3.3xo_3.3.2xoany
ciscoios_xe3.4sg_3.4.0sgany
ciscoios_xe3.4sg_3.4.1sgany
ciscoios_xe3.4sg_3.4.2sgany
ciscoios_xe3.4sg_3.4.3sgany
ciscoios_xe3.4sg_3.4.4sgany
ciscoios_xe3.4sg_3.4.5sgany
ciscoios_xe3.4sg_3.4.6sgany
ciscoios_xe3.5e_3.5.0eany
ciscoios_xe3.5e_3.5.1eany
ciscoios_xe3.5e_3.5.2eany
ciscoios_xe3.5e_3.5.3eany
ciscoios_xe3.6e_3.6.0eany
ciscoios_xe3.6e_3.6.1eany
ciscoios_xe3.6e_3.6.2aeany
ciscoios_xe3.6e_3.6.2eany
ciscoios_xe3.7e_3.7.0eany
ciscoios_xe3.7e_3.7.1eany
ciscoios_xe3.7e_3.7.2eany
intelcore_i5-9400f_firmware*any
netgearjr6150_firmware* <2017-01-06
samsungx14j_firmwaret-ms14jakucb-1102.5any
sunopensolarissnv_124any
zyxelgs1900-10hp_firmware* <2.50\(aazi.0\)c0
zzinckeymouse_firmware3.08any

References 2

  • tools.cisco.com http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-smi
    Vendor Advisory
  • securitytracker.com http://www.securitytracker.com/id/1035385

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.