VAR-201603-0291
Vulnerability from variot - Updated: 2023-12-18 13:03The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service (overwrite) via unspecified vectors, aka Bug ID CSCuw75848. Vendors have confirmed this vulnerability Bug ID CSCuw75848 It is released as.Service disruption by remotely authenticated user ( Overwrite ) There is a possibility of being put into a state. The Cisco IOSXRforCiscoNCS6000 is a Cisco network operating system running on the NCS6000 series of routers. A security vulnerability exists in the SCP and SFTP modules in the Cisco IOSXR Software 5.0.0 to 5.2.5 versions of the Cisco NCS6000 due to the program's failure to properly set the path to include the system files. A remote attacker could exploit the vulnerability to overwrite system files, causing a denial of service. Cisco IOS XR Software is prone to a remote denial-of-service vulnerability. This issue is being tracked by Cisco Bug ID CSCuw75848. Note: This issue was previously titled 'Cisco Network Convergence System 6000 Series Routers Remote Denial of Service Vulnerability'. The title and technical details have been changed to better reflect the underlying component affected. Both Secure Copy Protocol (SCP) and Secure FTP (SFTP) are among the security protocol modules. The vulnerability is caused by the program not properly setting permissions for paths containing system files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201603-0291",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios xr",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.2.3"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.0.0"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.2.5"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.2.4"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.0.1"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.2.1"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "5.0.0 to 5.2.5"
},
{
"model": "network convergence system series",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6000"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0.0-5.2.5"
},
{
"model": "ios xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01921"
},
{
"db": "BID",
"id": "85373"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001906"
},
{
"db": "NVD",
"id": "CVE-2016-1366"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-355"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:5.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:5.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:5.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:5.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:5.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:5.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1366"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "85373"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1366",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:C/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-1366",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CNVD-2016-01921",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-90185",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-1366",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-01921",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-355",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-90185",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01921"
},
{
"db": "VULHUB",
"id": "VHN-90185"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001906"
},
{
"db": "NVD",
"id": "CVE-2016-1366"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-355"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service (overwrite) via unspecified vectors, aka Bug ID CSCuw75848. Vendors have confirmed this vulnerability Bug ID CSCuw75848 It is released as.Service disruption by remotely authenticated user ( Overwrite ) There is a possibility of being put into a state. The Cisco IOSXRforCiscoNCS6000 is a Cisco network operating system running on the NCS6000 series of routers. A security vulnerability exists in the SCP and SFTP modules in the Cisco IOSXR Software 5.0.0 to 5.2.5 versions of the Cisco NCS6000 due to the program\u0027s failure to properly set the path to include the system files. A remote attacker could exploit the vulnerability to overwrite system files, causing a denial of service. Cisco IOS XR Software is prone to a remote denial-of-service vulnerability. \nThis issue is being tracked by Cisco Bug ID CSCuw75848. \nNote: This issue was previously titled \u0027Cisco Network Convergence System 6000 Series Routers Remote Denial of Service Vulnerability\u0027. The title and technical details have been changed to better reflect the underlying component affected. Both Secure Copy Protocol (SCP) and Secure FTP (SFTP) are among the security protocol modules. The vulnerability is caused by the program not properly setting permissions for paths containing system files",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1366"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001906"
},
{
"db": "CNVD",
"id": "CNVD-2016-01921"
},
{
"db": "BID",
"id": "85373"
},
{
"db": "VULHUB",
"id": "VHN-90185"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1366",
"trust": 3.4
},
{
"db": "SECTRACK",
"id": "1035407",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001906",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201603-355",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-01921",
"trust": 0.6
},
{
"db": "BID",
"id": "85373",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-90185",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01921"
},
{
"db": "VULHUB",
"id": "VHN-90185"
},
{
"db": "BID",
"id": "85373"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001906"
},
{
"db": "NVD",
"id": "CVE-2016-1366"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-355"
}
]
},
"id": "VAR-201603-0291",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01921"
},
{
"db": "VULHUB",
"id": "VHN-90185"
}
],
"trust": 1.3875
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01921"
}
]
},
"last_update_date": "2023-12-18T13:03:19.475000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160323-ncs",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160323-ncs"
},
{
"title": "Patch for CiscoNCS6000IOSXRSoftwareSecureCopyProtocol and SecureFTP Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/73333"
},
{
"title": "Cisco Network Convergence System 6000 IOS XR Software Secure Copy Protocol and Secure FTP Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60680"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01921"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001906"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-355"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90185"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001906"
},
{
"db": "NVD",
"id": "CVE-2016-1366"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160323-ncs"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035407"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1366"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1366"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-01921"
},
{
"db": "VULHUB",
"id": "VHN-90185"
},
{
"db": "BID",
"id": "85373"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001906"
},
{
"db": "NVD",
"id": "CVE-2016-1366"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-355"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-01921"
},
{
"db": "VULHUB",
"id": "VHN-90185"
},
{
"db": "BID",
"id": "85373"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001906"
},
{
"db": "NVD",
"id": "CVE-2016-1366"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-355"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01921"
},
{
"date": "2016-03-24T00:00:00",
"db": "VULHUB",
"id": "VHN-90185"
},
{
"date": "2016-03-23T00:00:00",
"db": "BID",
"id": "85373"
},
{
"date": "2016-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001906"
},
{
"date": "2016-03-24T22:59:00.953000",
"db": "NVD",
"id": "CVE-2016-1366"
},
{
"date": "2016-03-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-355"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-01921"
},
{
"date": "2016-12-03T00:00:00",
"db": "VULHUB",
"id": "VHN-90185"
},
{
"date": "2016-07-05T22:03:00",
"db": "BID",
"id": "85373"
},
{
"date": "2016-03-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001906"
},
{
"date": "2016-12-03T03:20:48.783000",
"db": "NVD",
"id": "CVE-2016-1366"
},
{
"date": "2016-03-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-355"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-355"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Network Convergence System 6000 Run on device IOS XR of SCP and SFTP Service disruption in modules (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001906"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201603-355"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…