CVE-2016-6367
Vulnerability from cvelistv5
Published
2016-08-18 18:00
Modified
2024-11-15 18:02
Severity ?
EPSS score ?
Summary
Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.
References
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2022-05-24
Due date: 2022-06-14
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-6367
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:19.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160817 Cisco Adaptive Security Appliance CLI Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli"
},
{
"name": "40271",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40271/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.cisco.com/security/shadow-brokers"
},
{
"name": "1036636",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036636"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516"
},
{
"name": "92520",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92520"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2016-6367",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T17:38:49.876850Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-05-24",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2016-6367"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T18:02:12.143Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T20:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20160817 Cisco Adaptive Security Appliance CLI Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli"
},
{
"name": "40271",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40271/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.cisco.com/security/shadow-brokers"
},
{
"name": "1036636",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036636"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516"
},
{
"name": "92520",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92520"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-6367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160817 Cisco Adaptive Security Appliance CLI Remote Code Execution Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli"
},
{
"name": "40271",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40271/"
},
{
"name": "http://blogs.cisco.com/security/shadow-brokers",
"refsource": "CONFIRM",
"url": "http://blogs.cisco.com/security/shadow-brokers"
},
{
"name": "1036636",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036636"
},
{
"name": "http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516"
},
{
"name": "92520",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92520"
},
{
"name": "https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip",
"refsource": "MISC",
"url": "https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-6367",
"datePublished": "2016-08-18T18:00:00",
"dateReserved": "2016-07-26T00:00:00",
"dateUpdated": "2024-11-15T18:02:12.143Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2016-6367",
"cwes": "[\"CWE-77\"]",
"dateAdded": "2022-05-24",
"dueDate": "2022-06-14",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://nvd.nist.gov/vuln/detail/CVE-2016-6367",
"product": "Adaptive Security Appliance (ASA)",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "A vulnerability in the command-line interface (CLI) parser of Cisco ASA software could allow an authenticated, local attacker to create a denial-of-service (DoS) condition or potentially execute code.",
"vendorProject": "Cisco",
"vulnerabilityName": "Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability"
},
"fkie_nvd": {
"cisaActionDue": "2022-06-14",
"cisaExploitAdd": "2022-05-24",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability",
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.2.0\", \"versionEndExcluding\": \"8.4\\\\(3\\\\)\", \"matchCriteriaId\": \"647D339E-8D4B-44F6-AFF0-9525CAA61891\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.5\", \"versionEndExcluding\": \"9.0\\\\(1\\\\)\", \"matchCriteriaId\": \"0C605BF9-ADCB-4CBA-AC44-C896B3C610B3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7018906A-ACDF-4D7B-B816-ED9C235BF04E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5500-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E10D97EB-51C4-4904-ABBA-5FCDC9B6D062\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5500_csc-ssm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD44DFA7-9D3E-4158-9551-A698344F9022\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5506-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"763B801D-CA1E-4C56-8B06-3373EA307C7E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5506h-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30AC6907-3091-409F-967D-64A82A0C5A8C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5506w-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D11AF728-8EB0-45EB-A7DD-F2D52B3BB7B8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5508-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92AE506A-E710-465B-B795-470FDE0E0ECA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B091B9BA-D4CA-435B-8D66-602B45F0E0BD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08F0F160-DAD2-48D4-B7B2-4818B2526F35\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"977D597B-F6DE-4438-AB02-06BE64D71EBE\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5516-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E07AF10-FFB2-4AC7-BBE7-199C3EFED81F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B387F62-6341-434D-903F-9B72E7F84ECB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB71EB29-0115-4307-A9F7-262394FD9FB0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17C5A524-E1D9-480F-B655-0680AA5BF720\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"57179F60-E330-4FF0-9664-B1E4637FF210\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6287D95-F564-44B7-A0F9-91396D7C2C4E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5535C936-391B-4619-AA03-B35265FC15D7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1E828B8-5ECC-4A09-B2AD-DEDC558713DE\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16AE20C2-C77E-4E04-BF13-A48696E52426\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firewall_services_module:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24AD881D-83B1-4A5D-ACDA-0CF5F8DC8EA9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:pix_firewall_501:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"93103865-C140-4C93-9A7F-6EEF25958736\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:pix_firewall_506:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32283245-33A1-41E2-B8CD-CFC2459F840B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:pix_firewall_506e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"107A6891-05FF-4812-B113-96247EDE136F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:pix_firewall_515:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A35FF15C-5E02-4AD1-A4E6-E40E93A9F8F5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:pix_firewall_515e:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"008185AD-BF4E-49ED-B3A8-FDA7F82D94E3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:pix_firewall_520:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1D1DB6E-2C3C-4844-A76E-D679735BC150\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:pix_firewall_525:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7181264-0852-4637-A9C0-86CD3BB978AC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:pix_firewall_535:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"488BE38C-6F9C-4652-92A5-F3626DBEE093\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.\"}, {\"lang\": \"es\", \"value\": \"Cisco Adaptive Security Applicance (ASA) Software en versiones anteriores a 8.4(1) en dispositivos ASA 5500, ASA 5500-X, PIX y FWSM permite a usuarios locales obtener privilegios a trav\\u00e9s de comandos CLI no v\\u00e1lidos, tambi\\u00e9n conocido como Bug ID CSCtu74257 o EPICBANANA.\"}]",
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/119.html\"\u003eCWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer\u003c/a\u003e",
"id": "CVE-2016-6367",
"lastModified": "2024-11-21T02:55:59.507",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 6.8, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.1, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2016-08-18T18:59:01.463",
"references": "[{\"url\": \"http://blogs.cisco.com/security/shadow-brokers\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Exploit\", \"Press/Media Coverage\", \"Vendor Advisory\"]}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/92520\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1036636\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Broken Link\", \"Exploit\"]}, {\"url\": \"https://www.exploit-db.com/exploits/40271/\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://blogs.cisco.com/security/shadow-brokers\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Press/Media Coverage\", \"Vendor Advisory\"]}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/92520\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1036636\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Exploit\"]}, {\"url\": \"https://www.exploit-db.com/exploits/40271/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-77\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-6367\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2016-08-18T18:59:01.463\",\"lastModified\":\"2024-11-21T02:55:59.507\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.\"},{\"lang\":\"es\",\"value\":\"Cisco Adaptive Security Applicance (ASA) Software en versiones anteriores a 8.4(1) en dispositivos ASA 5500, ASA 5500-X, PIX y FWSM permite a usuarios locales obtener privilegios a trav\u00e9s de comandos CLI no v\u00e1lidos, tambi\u00e9n conocido como Bug ID CSCtu74257 o EPICBANANA.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":6.8,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.1,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-05-24\",\"cisaActionDue\":\"2022-06-14\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.2.0\",\"versionEndExcluding\":\"8.4\\\\(3\\\\)\",\"matchCriteriaId\":\"647D339E-8D4B-44F6-AFF0-9525CAA61891\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.5\",\"versionEndExcluding\":\"9.0\\\\(1\\\\)\",\"matchCriteriaId\":\"0C605BF9-ADCB-4CBA-AC44-C896B3C610B3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7018906A-ACDF-4D7B-B816-ED9C235BF04E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5500-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E10D97EB-51C4-4904-ABBA-5FCDC9B6D062\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5500_csc-ssm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD44DFA7-9D3E-4158-9551-A698344F9022\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5506-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"763B801D-CA1E-4C56-8B06-3373EA307C7E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5506h-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30AC6907-3091-409F-967D-64A82A0C5A8C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5506w-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D11AF728-8EB0-45EB-A7DD-F2D52B3BB7B8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5508-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92AE506A-E710-465B-B795-470FDE0E0ECA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B091B9BA-D4CA-435B-8D66-602B45F0E0BD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08F0F160-DAD2-48D4-B7B2-4818B2526F35\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"977D597B-F6DE-4438-AB02-06BE64D71EBE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5516-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E07AF10-FFB2-4AC7-BBE7-199C3EFED81F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B387F62-6341-434D-903F-9B72E7F84ECB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB71EB29-0115-4307-A9F7-262394FD9FB0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17C5A524-E1D9-480F-B655-0680AA5BF720\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57179F60-E330-4FF0-9664-B1E4637FF210\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6287D95-F564-44B7-A0F9-91396D7C2C4E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5535C936-391B-4619-AA03-B35265FC15D7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1E828B8-5ECC-4A09-B2AD-DEDC558713DE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16AE20C2-C77E-4E04-BF13-A48696E52426\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firewall_services_module:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24AD881D-83B1-4A5D-ACDA-0CF5F8DC8EA9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:pix_firewall_501:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93103865-C140-4C93-9A7F-6EEF25958736\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:pix_firewall_506:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32283245-33A1-41E2-B8CD-CFC2459F840B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:pix_firewall_506e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"107A6891-05FF-4812-B113-96247EDE136F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:pix_firewall_515:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A35FF15C-5E02-4AD1-A4E6-E40E93A9F8F5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:pix_firewall_515e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"008185AD-BF4E-49ED-B3A8-FDA7F82D94E3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:pix_firewall_520:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1D1DB6E-2C3C-4844-A76E-D679735BC150\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:pix_firewall_525:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7181264-0852-4637-A9C0-86CD3BB978AC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:pix_firewall_535:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"488BE38C-6F9C-4652-92A5-F3626DBEE093\"}]}]}],\"references\":[{\"url\":\"http://blogs.cisco.com/security/shadow-brokers\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Exploit\",\"Press/Media Coverage\",\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/92520\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036636\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Broken Link\",\"Exploit\"]},{\"url\":\"https://www.exploit-db.com/exploits/40271/\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://blogs.cisco.com/security/shadow-brokers\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Press/Media Coverage\",\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/92520\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036636\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Exploit\"]},{\"url\":\"https://www.exploit-db.com/exploits/40271/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}],\"evaluatorComment\":\"\u003ca href=\\\"http://cwe.mitre.org/data/definitions/119.html\\\"\u003eCWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer\u003c/a\u003e\"}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli\", \"name\": \"20160817 Cisco Adaptive Security Appliance CLI Remote Code Execution Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/40271/\", \"name\": \"40271\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://blogs.cisco.com/security/shadow-brokers\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1036636\", \"name\": \"1036636\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/92520\", \"name\": \"92520\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T01:29:19.523Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2016-6367\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-08T17:38:49.876850Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-05-24\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2016-6367\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-08T16:07:21.079Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2016-08-17T00:00:00\", \"references\": [{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli\", \"name\": \"20160817 Cisco Adaptive Security Appliance CLI Remote Code Execution Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}, {\"url\": \"https://www.exploit-db.com/exploits/40271/\", \"name\": \"40271\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://blogs.cisco.com/security/shadow-brokers\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securitytracker.com/id/1036636\", \"name\": \"1036636\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securityfocus.com/bid/92520\", \"name\": \"92520\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2016-11-25T20:57:01\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli\", \"name\": \"20160817 Cisco Adaptive Security Appliance CLI Remote Code Execution Vulnerability\", \"refsource\": \"CISCO\"}, {\"url\": \"https://www.exploit-db.com/exploits/40271/\", \"name\": \"40271\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://blogs.cisco.com/security/shadow-brokers\", \"name\": \"http://blogs.cisco.com/security/shadow-brokers\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securitytracker.com/id/1036636\", \"name\": \"1036636\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516\", \"name\": \"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securityfocus.com/bid/92520\", \"name\": \"92520\", \"refsource\": \"BID\"}, {\"url\": \"https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip\", \"name\": \"https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2016-6367\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"psirt@cisco.com\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2016-6367\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-15T18:02:12.143Z\", \"dateReserved\": \"2016-07-26T00:00:00\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2016-08-18T18:00:00\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.