cvelistv5 - cve-2016-1295

CVE-2016-1295 (GCVE-0-2016-1295)

Vulnerability from cvelistv5 – Published: 2016-01-16 02:00 – Updated: 2024-08-05 22:48

Summary

Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775.

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://www.securitytracker.com/id/1034691	vdb-entryx_refsource_SECTRACK
	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:48:13.860Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1034691",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034691"
          },
          {
            "name": "20160115 Cisco Adaptive Security Appliance Information Disclosure Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-01-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-05T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1034691",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034691"
        },
        {
          "name": "20160115 Cisco Adaptive Security Appliance Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-1295",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1034691",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034691"
            },
            {
              "name": "20160115 Cisco Adaptive Security Appliance Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2016-1295",
    "datePublished": "2016-01-16T02:00:00",
    "dateReserved": "2016-01-04T00:00:00",
    "dateUpdated": "2024-08-05T22:48:13.860Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA1C5485-EAF4-4F4D-AFA1-E105F433665E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"989F9AC4-C2D1-49A0-95C3-79A4EB827E07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFE2E079-D7AC-4FE9-8938-A75C12AF5CA4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B442C852-2465-4EA8-A977-1F10A4CE23AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6DB6ED4-3095-46C1-9CB6-2975A7B05303\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE68CD8E-B9CF-4519-8B0E-4C4488B34887\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D762C9A7-005C-44FD-9BB2-7A1DD4EBE90B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE0B1212-87F3-46E5-B14A-C0C6BBAAAC98\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"518D4826-06B0-4DDC-B082-A536418FD292\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E343DE08-58FA-4C39-99F9-8CB5F57D0CD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76363698-DB62-4D92-8EE4-069891A9F92C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6159BEE3-D097-4E07-9962-06DB740E2AE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD606591-F69A-47AD-9256-20B98CA16135\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4EF3895-F372-45D3-9C7D-15F5C4712D08\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DC5960D-B917-4ABA-850F-A710676ACB40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B746A138-6650-49A3-87C8-3728FE5CF215\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E50C2A13-5A8B-4FA5-ABB8-1157E560503B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"909F9D55-9276-4CF1-BC63-7CEEF8F25C21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F383D276-D5EC-4335-AC09-9D30F6443AF0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39C2A7FF-6AC3-42B5-954A-9AA5950C523A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D7F36A8-C291-423D-AF28-56AAD8D0F712\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C2009F4-F832-49D6-8346-54A7328BD93B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9221DD4-498A-4867-B647-47E42299CE45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B839A425-E08C-41B1-9270-E177E40B1E27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F4DDF53-0995-4971-A980-30FD15A40C78\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F3BD921-A58A-47EB-B90D-21C3A5D02D40\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775.\"}, {\"lang\": \"es\", \"value\": \"Cisco Adaptive Security Appliance (ASA) Software 8.4 permite a atacantes remotos obtener informaci\\u00f3n sensible a trav\\u00e9s de un intento de autenticaci\\u00f3n AnyConnect, tambi\\u00e9n conocido como Bug ID CSCuo65775.\"}]",
      "id": "CVE-2016-1295",
      "lastModified": "2024-11-21T02:46:08.090",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2016-01-16T05:59:07.410",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1034691\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1034691\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-1295\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2016-01-16T05:59:07.410\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775.\"},{\"lang\":\"es\",\"value\":\"Cisco Adaptive Security Appliance (ASA) Software 8.4 permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de un intento de autenticaci\u00f3n AnyConnect, tambi\u00e9n conocido como Bug ID CSCuo65775.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA1C5485-EAF4-4F4D-AFA1-E105F433665E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"989F9AC4-C2D1-49A0-95C3-79A4EB827E07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFE2E079-D7AC-4FE9-8938-A75C12AF5CA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B442C852-2465-4EA8-A977-1F10A4CE23AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6DB6ED4-3095-46C1-9CB6-2975A7B05303\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE68CD8E-B9CF-4519-8B0E-4C4488B34887\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D762C9A7-005C-44FD-9BB2-7A1DD4EBE90B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE0B1212-87F3-46E5-B14A-C0C6BBAAAC98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"518D4826-06B0-4DDC-B082-A536418FD292\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E343DE08-58FA-4C39-99F9-8CB5F57D0CD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76363698-DB62-4D92-8EE4-069891A9F92C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6159BEE3-D097-4E07-9962-06DB740E2AE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD606591-F69A-47AD-9256-20B98CA16135\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4EF3895-F372-45D3-9C7D-15F5C4712D08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DC5960D-B917-4ABA-850F-A710676ACB40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B746A138-6650-49A3-87C8-3728FE5CF215\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E50C2A13-5A8B-4FA5-ABB8-1157E560503B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"909F9D55-9276-4CF1-BC63-7CEEF8F25C21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F383D276-D5EC-4335-AC09-9D30F6443AF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39C2A7FF-6AC3-42B5-954A-9AA5950C523A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D7F36A8-C291-423D-AF28-56AAD8D0F712\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C2009F4-F832-49D6-8346-54A7328BD93B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9221DD4-498A-4867-B647-47E42299CE45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B839A425-E08C-41B1-9270-E177E40B1E27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F4DDF53-0995-4971-A980-30FD15A40C78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F3BD921-A58A-47EB-B90D-21C3A5D02D40\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1034691\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1034691\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

CERTFR-2016-AVI-024

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Cisco. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Centre de gestion Cisco FireSIGHT s'exécutant sur les systèmes Cisco FireSIGHT versions 6.0.0 et 6.0.1
Cisco	N/A	Cisco ASA version 8.4
Cisco	N/A	Cisco Web Security Appliance (WSA) version 8.5.3-055
Cisco	N/A	Cisco Web Security Appliance (WSA) version 9.5.0-235
Cisco	N/A	Cisco Web Security Appliance (WSA) version 9.1.0-000

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20160115-fmc1 du 15 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160115-asa du 15 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160119-wsa du 19 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160115-FireSIGHT du 15 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160119-wsa du 19 janvier 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160115-FireSIGHT du 15 janvier 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160115-asa du 15 janvier 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160115-fmc1 du 15 janvier 2016	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Centre de gestion Cisco FireSIGHT s\u0027ex\u00e9cutant sur les syst\u00e8mes Cisco FireSIGHT versions 6.0.0 et 6.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ASA version 8.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Web Security Appliance (WSA) version 8.5.3-055",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Web Security Appliance (WSA) version 9.5.0-235",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Web Security Appliance (WSA) version 9.1.0-000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-1293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1293"
    },
    {
      "name": "CVE-2016-1296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1296"
    },
    {
      "name": "CVE-2016-1295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1295"
    },
    {
      "name": "CVE-2016-1294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1294"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160119-wsa du 19    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160119-wsa"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160115-FireSIGHT du    15 janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160115-asa du 15    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160115-fmc1 du 15    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-fmc1"
    }
  ],
  "reference": "CERTFR-2016-AVI-024",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-01-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Cisco\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une injection de code\nindirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160115-fmc1 du 15 janvier 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160115-asa du 15 janvier 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160119-wsa du 19 janvier 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160115-FireSIGHT du 15 janvier 2016",
      "url": null
    }
  ]
}

CERTFR-2016-AVI-024

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Centre de gestion Cisco FireSIGHT s'exécutant sur les systèmes Cisco FireSIGHT versions 6.0.0 et 6.0.1
Cisco	N/A	Cisco ASA version 8.4
Cisco	N/A	Cisco Web Security Appliance (WSA) version 8.5.3-055
Cisco	N/A	Cisco Web Security Appliance (WSA) version 9.5.0-235
Cisco	N/A	Cisco Web Security Appliance (WSA) version 9.1.0-000

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20160115-fmc1 du 15 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160115-asa du 15 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160119-wsa du 19 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160115-FireSIGHT du 15 janvier 2016	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20160119-wsa du 19 janvier 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160115-FireSIGHT du 15 janvier 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160115-asa du 15 janvier 2016	-	other
Bulletin de sécurité Cisco cisco-sa-20160115-fmc1 du 15 janvier 2016	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Centre de gestion Cisco FireSIGHT s\u0027ex\u00e9cutant sur les syst\u00e8mes Cisco FireSIGHT versions 6.0.0 et 6.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco ASA version 8.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Web Security Appliance (WSA) version 8.5.3-055",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Web Security Appliance (WSA) version 9.5.0-235",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Web Security Appliance (WSA) version 9.1.0-000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-1293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1293"
    },
    {
      "name": "CVE-2016-1296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1296"
    },
    {
      "name": "CVE-2016-1295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1295"
    },
    {
      "name": "CVE-2016-1294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1294"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160119-wsa du 19    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160119-wsa"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160115-FireSIGHT du    15 janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-FireSIGHT"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160115-asa du 15    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160115-fmc1 du 15    janvier 2016",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-fmc1"
    }
  ],
  "reference": "CERTFR-2016-AVI-024",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-01-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Cisco\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une injection de code\nindirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160115-fmc1 du 15 janvier 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160115-asa du 15 janvier 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160119-wsa du 19 janvier 2016",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20160115-FireSIGHT du 15 janvier 2016",
      "url": null
    }
  ]
}

CNVD-2016-00384

Vulnerability from cnvd - Published: 2016-01-21

Title

Cisco Adaptive Security Appliance信息泄露漏洞（CNVD-2016-00384）

Description

Cisco ASA 5500系列自适应安全设备是用于提供安全和VPN服务的模块化平台，可提供防火墙、IPS、anti-X和VPN服务。 Cisco Adaptive Security Appliance (ASA) Software 8.4版本在AnyConnect客户端身份验证尝试期间未能有效地保护敏感数据。未经身份验证的攻击者利用此漏洞可获取敏感信息。

Severity

中

Patch Name

Cisco Adaptive Security Appliance信息泄露漏洞（CNVD-2016-00384）的补丁

Patch Description

Formal description

Cisco已经为此发布了一个安全公告（cisco-sa-20160115-asa）以及相应补丁: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa

Reference

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1295

Impacted products

Name
Cisco Adaptive Security Appliance (ASA) Software 8.4

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-1295"
    }
  },
  "description": "Cisco ASA 5500\u7cfb\u5217\u81ea\u9002\u5e94\u5b89\u5168\u8bbe\u5907\u662f\u7528\u4e8e\u63d0\u4f9b\u5b89\u5168\u548cVPN\u670d\u52a1\u7684\u6a21\u5757\u5316\u5e73\u53f0\uff0c\u53ef\u63d0\u4f9b\u9632\u706b\u5899\u3001IPS\u3001anti-X\u548cVPN\u670d\u52a1\u3002\r\n\r\nCisco Adaptive Security Appliance (ASA) Software 8.4\u7248\u672c\u5728AnyConnect\u5ba2\u6237\u7aef\u8eab\u4efd\u9a8c\u8bc1\u5c1d\u8bd5\u671f\u95f4\u672a\u80fd\u6709\u6548\u5730\u4fdd\u62a4\u654f\u611f\u6570\u636e\u3002\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "Cisco",
  "formalWay": "Cisco\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08cisco-sa-20160115-asa\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-00384",
  "openTime": "2016-01-21",
  "patchDescription": "Cisco ASA 5500\u7cfb\u5217\u81ea\u9002\u5e94\u5b89\u5168\u8bbe\u5907\u662f\u7528\u4e8e\u63d0\u4f9b\u5b89\u5168\u548cVPN\u670d\u52a1\u7684\u6a21\u5757\u5316\u5e73\u53f0\uff0c\u53ef\u63d0\u4f9b\u9632\u706b\u5899\u3001IPS\u3001anti-X\u548cVPN\u670d\u52a1\u3002\r\n\r\nCisco Adaptive Security Appliance (ASA) Software 8.4\u7248\u672c\u5728AnyConnect\u5ba2\u6237\u7aef\u8eab\u4efd\u9a8c\u8bc1\u5c1d\u8bd5\u671f\u95f4\u672a\u80fd\u6709\u6548\u5730\u4fdd\u62a4\u654f\u611f\u6570\u636e\u3002\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Adaptive Security Appliance\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2016-00384\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco Adaptive Security Appliance (ASA) Software 8.4"
  },
  "referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1295",
  "serverity": "\u4e2d",
  "submitTime": "2016-01-18",
  "title": "Cisco Adaptive Security Appliance\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2016-00384\uff09"
}

VAR-201601-0053

Vulnerability from variot - Updated: 2023-12-18 13:03

Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775. Vendors have confirmed this vulnerability Bug ID CSCuo65775 It is released as.By a third party AnyConnect Important information can be obtained through authentication attempts. The CiscoASA5500 Series Adaptive Security Appliance is a modular platform for providing security and VPN services with firewall, IPS, anti-X and VPN services. An unauthenticated attacker could exploit this vulnerability to obtain sensitive information. This issue is being tracked by Cisco Bug ID CSCuo65775

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201601-0053",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.4.1.3"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.4.2"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.4.3"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.4.3.9"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.4.7.15"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.4.4"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.4.1.11"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.4.2.8"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.4.3.8"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.4.1"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "cisco",
        "version": "8.4"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.4.1"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.7.29"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.7.26"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.7.23"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.4.5"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.5"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.4.3"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.7"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.0"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.7.3"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.5.6"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.2.1"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.7.22"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.4.9"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.6"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.4.7.28"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00384"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001302"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1295"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-349"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-1295"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "80881"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-1295",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2016-1295",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2016-00384",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-90114",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 3.9,
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-1295",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-00384",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201601-349",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-90114",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00384"
      },
      {
        "db": "VULHUB",
        "id": "VHN-90114"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001302"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1295"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-349"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775. Vendors have confirmed this vulnerability Bug ID CSCuo65775 It is released as.By a third party AnyConnect Important information can be obtained through authentication attempts. The CiscoASA5500 Series Adaptive Security Appliance is a modular platform for providing security and VPN services with firewall, IPS, anti-X and VPN services. An unauthenticated attacker could exploit this vulnerability to obtain sensitive information. \nThis issue is being tracked by Cisco Bug ID CSCuo65775",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-1295"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001302"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00384"
      },
      {
        "db": "BID",
        "id": "80881"
      },
      {
        "db": "VULHUB",
        "id": "VHN-90114"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-1295",
        "trust": 3.4
      },
      {
        "db": "SECTRACK",
        "id": "1034691",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001302",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-349",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-00384",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "80881",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-90114",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00384"
      },
      {
        "db": "VULHUB",
        "id": "VHN-90114"
      },
      {
        "db": "BID",
        "id": "80881"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001302"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1295"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-349"
      }
    ]
  },
  "id": "VAR-201601-0053",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00384"
      },
      {
        "db": "VULHUB",
        "id": "VHN-90114"
      }
    ],
    "trust": 0.06999999999999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00384"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:03:20.059000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20160115-asa",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160115-asa"
      },
      {
        "title": "Patch for CiscoAdaptiveSecurityAppliance Information Disclosure Vulnerability (CNVD-2016-00384)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/70320"
      },
      {
        "title": "Cisco Adaptive Security Appliances Software Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=59667"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00384"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001302"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-349"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90114"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001302"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1295"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160115-asa"
      },
      {
        "trust": 1.4,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1295"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1034691"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1295"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00384"
      },
      {
        "db": "VULHUB",
        "id": "VHN-90114"
      },
      {
        "db": "BID",
        "id": "80881"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001302"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1295"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-349"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-00384"
      },
      {
        "db": "VULHUB",
        "id": "VHN-90114"
      },
      {
        "db": "BID",
        "id": "80881"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001302"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1295"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-349"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-01-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-00384"
      },
      {
        "date": "2016-01-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90114"
      },
      {
        "date": "2016-01-15T00:00:00",
        "db": "BID",
        "id": "80881"
      },
      {
        "date": "2016-01-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-001302"
      },
      {
        "date": "2016-01-16T05:59:07.410000",
        "db": "NVD",
        "id": "CVE-2016-1295"
      },
      {
        "date": "2016-01-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201601-349"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-01-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-00384"
      },
      {
        "date": "2016-12-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90114"
      },
      {
        "date": "2016-07-05T21:22:00",
        "db": "BID",
        "id": "80881"
      },
      {
        "date": "2016-01-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-001302"
      },
      {
        "date": "2023-08-15T14:28:06.997000",
        "db": "NVD",
        "id": "CVE-2016-1295"
      },
      {
        "date": "2016-01-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201601-349"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-349"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Adaptive Security Appliance Vulnerabilities that can capture important information in software",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-001302"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201601-349"
      }
    ],
    "trust": 0.6
  }
}

GHSA-P927-CQR6-2369

Vulnerability from github – Published: 2022-05-17 03:23 – Updated: 2022-05-17 03:23

Details

Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775.

Severity ?

5.3 (Medium)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-1295"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-01-16T05:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775.",
  "id": "GHSA-p927-cqr6-2369",
  "modified": "2022-05-17T03:23:51Z",
  "published": "2022-05-17T03:23:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1295"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034691"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2016-1295

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775.

Aliases

CVE-2016-1295

Aliases

CVE-2016-1295

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-1295",
    "description": "Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775.",
    "id": "GSD-2016-1295"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-1295"
      ],
      "details": "Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775.",
      "id": "GSD-2016-1295",
      "modified": "2023-12-13T01:21:24.252900Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2016-1295",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1034691",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1034691"
          },
          {
            "name": "20160115 Cisco Adaptive Security Appliance Information Disclosure Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-1295"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20160115 Cisco Adaptive Security Appliance Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa"
            },
            {
              "name": "1034691",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1034691"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2023-08-15T14:28Z",
      "publishedDate": "2016-01-16T05:59Z"
    }
  }
}

FKIE_CVE-2016-1295

Vulnerability from fkie_nvd - Published: 2016-01-16 05:59 - Updated: 2025-04-12 10:46

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775.

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa	Vendor Advisory
psirt@cisco.com	http://www.securitytracker.com/id/1034691	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034691	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	8.4.0
cisco	adaptive_security_appliance_software	8.4.1
cisco	adaptive_security_appliance_software	8.4.1.3
cisco	adaptive_security_appliance_software	8.4.1.11
cisco	adaptive_security_appliance_software	8.4.2
cisco	adaptive_security_appliance_software	8.4.2.1
cisco	adaptive_security_appliance_software	8.4.2.8
cisco	adaptive_security_appliance_software	8.4.3
cisco	adaptive_security_appliance_software	8.4.3.8
cisco	adaptive_security_appliance_software	8.4.3.9
cisco	adaptive_security_appliance_software	8.4.4
cisco	adaptive_security_appliance_software	8.4.4.1
cisco	adaptive_security_appliance_software	8.4.4.3
cisco	adaptive_security_appliance_software	8.4.4.5
cisco	adaptive_security_appliance_software	8.4.4.9
cisco	adaptive_security_appliance_software	8.4.5
cisco	adaptive_security_appliance_software	8.4.5.6
cisco	adaptive_security_appliance_software	8.4.6
cisco	adaptive_security_appliance_software	8.4.7
cisco	adaptive_security_appliance_software	8.4.7.3
cisco	adaptive_security_appliance_software	8.4.7.15
cisco	adaptive_security_appliance_software	8.4.7.22
cisco	adaptive_security_appliance_software	8.4.7.23
cisco	adaptive_security_appliance_software	8.4.7.26
cisco	adaptive_security_appliance_software	8.4.7.28
cisco	adaptive_security_appliance_software	8.4.7.29

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA1C5485-EAF4-4F4D-AFA1-E105F433665E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "989F9AC4-C2D1-49A0-95C3-79A4EB827E07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFE2E079-D7AC-4FE9-8938-A75C12AF5CA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "B442C852-2465-4EA8-A977-1F10A4CE23AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6DB6ED4-3095-46C1-9CB6-2975A7B05303",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE68CD8E-B9CF-4519-8B0E-4C4488B34887",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D762C9A7-005C-44FD-9BB2-7A1DD4EBE90B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE0B1212-87F3-46E5-B14A-C0C6BBAAAC98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "518D4826-06B0-4DDC-B082-A536418FD292",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E343DE08-58FA-4C39-99F9-8CB5F57D0CD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "76363698-DB62-4D92-8EE4-069891A9F92C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6159BEE3-D097-4E07-9962-06DB740E2AE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD606591-F69A-47AD-9256-20B98CA16135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4EF3895-F372-45D3-9C7D-15F5C4712D08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DC5960D-B917-4ABA-850F-A710676ACB40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B746A138-6650-49A3-87C8-3728FE5CF215",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E50C2A13-5A8B-4FA5-ABB8-1157E560503B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "909F9D55-9276-4CF1-BC63-7CEEF8F25C21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F383D276-D5EC-4335-AC09-9D30F6443AF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C2A7FF-6AC3-42B5-954A-9AA5950C523A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D7F36A8-C291-423D-AF28-56AAD8D0F712",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2009F4-F832-49D6-8346-54A7328BD93B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9221DD4-498A-4867-B647-47E42299CE45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "B839A425-E08C-41B1-9270-E177E40B1E27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F4DDF53-0995-4971-A980-30FD15A40C78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F3BD921-A58A-47EB-B90D-21C3A5D02D40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775."
    },
    {
      "lang": "es",
      "value": "Cisco Adaptive Security Appliance (ASA) Software 8.4 permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de un intento de autenticaci\u00f3n AnyConnect, tambi\u00e9n conocido como Bug ID CSCuo65775."
    }
  ],
  "id": "CVE-2016-1295",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-01-16T05:59:07.410",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1034691"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1034691"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-1295 (GCVE-0-2016-1295)

CERTFR-2016-AVI-024

Solution

CERTFR-2016-AVI-024

Solution

CNVD-2016-00384

VAR-201601-0053

GHSA-P927-CQR6-2369

GSD-2016-1295

FKIE_CVE-2016-1295

Tags

Sightings

Nomenclature