FKIE_CVE-2016-9193

Vulnerability from fkie_nvd - Published: 2016-12-14 00:59 - Updated: 2025-04-12 10:46
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management Center and FireSIGHT System Software are affected when they are configured to use a file policy that has the Block Malware action. More Information: CSCvb27494. Known Affected Releases: 6.0.1.1 6.1.0.
References
psirt@cisco.comhttp://www.securityfocus.com/bid/94801Third Party Advisory, VDB Entry
psirt@cisco.comhttp://www.securitytracker.com/id/1037421Third Party Advisory, VDB Entry
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepowerVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/94801Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1037421Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepowerVendor Advisory
Impacted products
Vendor Product Version
cisco firesight_system_software 6.0.0
cisco firesight_system_software 6.0.0.0
cisco firesight_system_software 6.0.0.1
cisco firesight_system_software 6.0.1
cisco firesight_system_software 6.0.1.1
cisco firesight_system_software 6.1.0
cisco secure_firewall_management_center 6.0.0
cisco secure_firewall_management_center 6.0.0.0
cisco secure_firewall_management_center 6.0.0.1
cisco secure_firewall_management_center 6.0.1
cisco secure_firewall_management_center 6.0.1.1
cisco secure_firewall_management_center 6.1.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D52DB0-4441-41C9-900E-DE917B0CBC91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB492B2E-2CE6-4D29-9D82-D40A2B9508B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D032900-6B00-4F4D-A2F7-6119F113675F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC5565FE-174C-41C7-9462-9138BB31507D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B764E48A-C748-4451-8E81-DD8B62B4BA9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "362E320D-70E9-4B51-9298-ADF612FD440F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E4035-E8E2-4964-A6F4-7292E1804E91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF40DB44-C213-466E-B473-B07B30A42B34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6FD6283-CC58-4864-AA24-F6C6DDE630FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D1AFAC1-419D-4ADB-868B-1544BED58B7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D4EB1FD-690B-4F8C-A559-BC76CA5FDEFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6614ED6C-E77E-4C0D-AA96-0BEE84BE2F94",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management Center and FireSIGHT System Software are affected when they are configured to use a file policy that has the Block Malware action. More Information: CSCvb27494. Known Affected Releases: 6.0.1.1 6.1.0."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en las caracter\u00edsticas de detecci\u00f3n y bloqueo de archivos maliciosos de Cisco Firepower Management Center y Cisco FireSIGHT System Software podr\u00eda permitir a un atacante remoto no autenticado eludir los mecanismos de detecci\u00f3n de malware en un dispositivo afectado. Productos Afectados: Cisco Firepower Management Center y FireSIGHT System Software son afectados cuando est\u00e1n configurados para utilizar una pol\u00edtica de archivos con la acci\u00f3n Block Malware. M\u00e1s Informaci\u00f3n: CSCvb27494. Lanzamientos Afectados Conocidos: 6.0.1.1 6.1.0."
    }
  ],
  "id": "CVE-2016-9193",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-12-14T00:59:16.973",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94801"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037421"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94801"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037421"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.