CVE-2016-6457

Published on: 11/18/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:12 PM UTC

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Certain versions of Application Policy Infrastructure Controller from Cisco contain the following vulnerability:

A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9000 Series Leaf Switches (TOR) - ACI Mode and Cisco Application Policy Infrastructure Controller (APIC). More Information: CSCuy93241. Known Affected Releases: 11.2(2x) 11.2(3x) 11.3(1x) 11.3(2x) 12.0(1x). Known Fixed Releases: 11.2(2i) 11.2(2j) 11.2(3f) 11.2(3g) 11.2(3h) 11.2(3l) 11.3(0.236) 11.3(1j) 11.3(2i) 11.3(2j) 12.0(1r).

  • CVE-2016-6457 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 6.5 - MEDIUM

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
ADJACENT_NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED NONE NONE HIGH

CVSS2 Score: 6.1 - MEDIUM

Access
Vector
Access
Complexity
Authentication
ADJACENT_NETWORK LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE NONE COMPLETE

CVE References

Description Tags Link
Cisco Application Policy Infrastructure Controller CVE-2016-6457 Denial of Service Vulnerability Third Party Advisory
VDB Entry
cve.report (archive)
text/html
URL Logo BID 94077
Cisco Application Policy Infrastructure Controller on Nexus 9000 Series Leaf Switches Lets Remote Users Deny Service - SecurityTracker www.securitytracker.com
text/html
URL Logo SECTRACK 1037185
Cisco Application Policy Infrastructure Controller Denial of Service Vulnerability Mitigation
Vendor Advisory
tools.cisco.com
text/html
URL Logo CONFIRM tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-n9kapic

Related QID Numbers

  • 316926 Cisco Application Policy Infrastructure Controller Denial of Service Vulnerability(cisco-sa-20161102-n9kapic)
  • 316927 Cisco NX-OS with ACI mode Denial of Service Vulnerability(cisco-sa-20161102-n9kapic)

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationCiscoApplication Policy Infrastructure Controller1.2\(2\)AllAllAll
ApplicationCiscoApplication Policy Infrastructure Controller1.2\(3\)AllAllAll
ApplicationCiscoApplication Policy Infrastructure Controller1.3\(1\)AllAllAll
ApplicationCiscoApplication Policy Infrastructure Controller1.3\(2\)AllAllAll
ApplicationCiscoApplication Policy Infrastructure Controller2.0\(1\)AllAllAll
ApplicationCiscoApplication Policy Infrastructure Controller1.2\(2\)AllAllAll
ApplicationCiscoApplication Policy Infrastructure Controller1.2\(3\)AllAllAll
ApplicationCiscoApplication Policy Infrastructure Controller1.3\(1\)AllAllAll
ApplicationCiscoApplication Policy Infrastructure Controller1.3\(2\)AllAllAll
ApplicationCiscoApplication Policy Infrastructure Controller2.0\(1\)AllAllAll
HardwareCiscoNexus 92160yc-x-AllAllAll
HardwareCiscoNexus 92160yc-x-AllAllAll
HardwareCiscoNexus 92304qc-AllAllAll
HardwareCiscoNexus 92304qc-AllAllAll
HardwareCiscoNexus 9236c-AllAllAll
HardwareCiscoNexus 9236c-AllAllAll
HardwareCiscoNexus 9272q-AllAllAll
HardwareCiscoNexus 9272q-AllAllAll
HardwareCiscoNexus 93108tc-ex-AllAllAll
HardwareCiscoNexus 93108tc-ex-AllAllAll
HardwareCiscoNexus 93120tx-AllAllAll
HardwareCiscoNexus 93120tx-AllAllAll
HardwareCiscoNexus 93128tx-AllAllAll
HardwareCiscoNexus 93128tx-AllAllAll
HardwareCiscoNexus 93180yc-ex-AllAllAll
HardwareCiscoNexus 93180yc-ex-AllAllAll
HardwareCiscoNexus 9332pq-AllAllAll
HardwareCiscoNexus 9332pq-AllAllAll
HardwareCiscoNexus 9336pq Aci Spine-AllAllAll
HardwareCiscoNexus 9336pq Aci Spine-AllAllAll
HardwareCiscoNexus 9372px-AllAllAll
HardwareCiscoNexus 9372px-AllAllAll
HardwareCiscoNexus 9372tx-AllAllAll
HardwareCiscoNexus 9372tx-AllAllAll
HardwareCiscoNexus 9396px-AllAllAll
HardwareCiscoNexus 9396px-AllAllAll
HardwareCiscoNexus 9396tx-AllAllAll
HardwareCiscoNexus 9396tx-AllAllAll
HardwareCiscoNexus 9504-AllAllAll
HardwareCiscoNexus 9504-AllAllAll
HardwareCiscoNexus 9508-AllAllAll
HardwareCiscoNexus 9508-AllAllAll
HardwareCiscoNexus 9516-AllAllAll
HardwareCiscoNexus 9516-AllAllAll
ApplicationCiscoNx-os11.2\(2g\)AllAllAll
ApplicationCiscoNx-os11.2\(2h\)AllAllAll
ApplicationCiscoNx-os11.2\(2i\)AllAllAll
ApplicationCiscoNx-os11.2\(3c\)AllAllAll
ApplicationCiscoNx-os11.2\(3e\)AllAllAll
ApplicationCiscoNx-os11.2\(3h\)AllAllAll
ApplicationCiscoNx-os11.3\(1i\)AllAllAll
ApplicationCiscoNx-os11.3\(2f\)AllAllAll
ApplicationCiscoNx-os11.3\(2h\)AllAllAll
ApplicationCiscoNx-os11.3\(2i\)AllAllAll
ApplicationCiscoNx-os12.0\(1m\)AllAllAll
ApplicationCiscoNx-os12.0\(1n\)AllAllAll
ApplicationCiscoNx-os12.0\(1o\)AllAllAll
ApplicationCiscoNx-os12.0\(1p\)AllAllAll
ApplicationCiscoNx-os12.0\(1q\)AllAllAll
ApplicationCiscoNx-os11.2\(2g\)AllAllAll
ApplicationCiscoNx-os11.2\(2h\)AllAllAll
ApplicationCiscoNx-os11.2\(2i\)AllAllAll
ApplicationCiscoNx-os11.2\(3c\)AllAllAll
ApplicationCiscoNx-os11.2\(3e\)AllAllAll
ApplicationCiscoNx-os11.2\(3h\)AllAllAll
ApplicationCiscoNx-os11.3\(1i\)AllAllAll
ApplicationCiscoNx-os11.3\(2f\)AllAllAll
ApplicationCiscoNx-os11.3\(2h\)AllAllAll
ApplicationCiscoNx-os11.3\(2i\)AllAllAll
ApplicationCiscoNx-os12.0\(1m\)AllAllAll
ApplicationCiscoNx-os12.0\(1n\)AllAllAll
ApplicationCiscoNx-os12.0\(1o\)AllAllAll
ApplicationCiscoNx-os12.0\(1p\)AllAllAll
ApplicationCiscoNx-os12.0\(1q\)AllAllAll
  • cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\(2\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\(3\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\(1\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\(2\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\(1\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\(2\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\(3\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\(1\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\(2\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\(1\):*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.2\(2g\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.2\(2h\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.2\(2i\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.2\(3c\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.2\(3e\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.2\(3h\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.3\(1i\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.3\(2f\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.3\(2h\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.3\(2i\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:12.0\(1m\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:12.0\(1n\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:12.0\(1o\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:12.0\(1p\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:12.0\(1q\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.2\(2g\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.2\(2h\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.2\(2i\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.2\(3c\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.2\(3e\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.2\(3h\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.3\(1i\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.3\(2f\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.3\(2h\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:11.3\(2i\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:12.0\(1m\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:12.0\(1n\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:12.0\(1o\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:12.0\(1p\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:12.0\(1q\):*:*:*:*:*:*:*: