PT-2016-1177 · Cisco · Industrial Ethernet 2000+2

Published

2016-02-15

Updated

2016-12-06

CVE-2016-1330

CVSS v3.1

6.5

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Cisco IOS version 15.2(4)E on Industrial Ethernet 2000 devices

Description The issue is related to errors in resource management and can be exploited by sending crafted Cisco Discovery Protocol (CDP) packets, which may cause a denial of service (device reload).

Recommendations For Cisco IOS version 15.2(4)E on Industrial Ethernet 2000 devices, consider restricting or disabling the use of Cisco Discovery Protocol (CDP) until a patch is available to prevent potential denial of service attacks.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

BDU:2016-00438

CVE-2016-1330

Affected Products

Cisco Discovery Protocol

Cisco Ios

Industrial Ethernet 2000

PT-2016-1177 · Cisco · Industrial Ethernet 2000+2

CVE-2016-1330

Weakness Enumeration

Related Identifiers

Affected Products

References · 5