Vulnerability CVE-2016-6399


Published: 2016-09-12

Description:
Cisco ACE30 Application Control Engine Module through A5 3.3 and ACE 4700 Application Control Engine appliances through A5 3.3 allow remote attackers to cause a denial of service (device reload) via crafted (1) SSL or (2) TLS packets, aka Bug ID CSCvb16317.

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Cisco -> Ace application control engine module a1 
Cisco -> Ace application control engine module a3 
Cisco -> Ace application control engine module a4 
Cisco -> Ace application control engine module a5 
Cisco -> Ace 4700 series application control engine appliance 
Cisco -> Ace 4700 series application control engine appliance a1 
Cisco -> Ace 4700 series application control engine appliance a3 
Cisco -> Ace 4700 series application control engine appliance a4 
Cisco -> Ace 4700 series application control engine appliance a5 

 References:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160908-ace

Copyright 2021, cxsecurity.com

 

Back to Top