VAR-201609-0325
Vulnerability from variot - Updated: 2023-12-18 11:30The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN. Cisco IOS and so on are all operating systems developed by Cisco. An information disclosure vulnerability exists in the implementation of server IKEv1 in several Cisco products. A remote attacker can use the vulnerability to send sensitive information from the device's memory by sending a SecurityAssociation negotiation request. This issue is being tracked by Cisco Bug IDs CSCvb29204 and CSCvb36055
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0325",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios xr",
"scope": "eq",
"trust": 1.4,
"vendor": "cisco",
"version": "4.3.x"
},
{
"model": "ios xr",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0.0"
},
{
"model": "ios",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "15.6"
},
{
"model": "ios xr",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "4.3.4"
},
{
"model": "ios",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "12.4"
},
{
"model": "ios",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "15.0"
},
{
"model": "ios xe",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "3.18s"
},
{
"model": "ios xr",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "5.3.0"
},
{
"model": "ios xr",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "4.3.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2 to 12.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "15.0 to 15.6"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "16.1"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "16.2"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "16.3"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.12s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.13s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.14s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.15s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.16s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.17s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.18s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.1s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.2s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.3s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.3sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.3xo"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.4s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.4sg"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.5e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.5s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.6e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.6s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.7e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.7s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.8e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.8s"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.9e"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.9s"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "5.0.x to 5.2.x"
},
{
"model": "pix firewall software",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0.x"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.1.x"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.2.x"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.3\\(4\\)t2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.4\\(15\\)xz2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.3\\(7\\)xi1c"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\(33\\)scd7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.3\\(8\\)yd1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.4\\(22\\)xr2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.3\\(14\\)t2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.3\\(7\\)xr4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.2\\(18\\)zu2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "12.4\\(22\\)yb2"
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.1"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.2"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.1"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "ios xr",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3.4"
},
{
"model": "ios xe",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ios 15.6t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.6sp",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.6sn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.6s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.6m",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.5t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.5sn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.5s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.5m",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.4t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.4sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.4s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.4m",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.4cg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.3t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.3sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.3s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.3m",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2sni",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2snh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2sng",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2m",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2gc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2ey",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2ea",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.2e",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1sni",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1snh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1sng",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1sg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1mra",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1mr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1m",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.1gc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0sg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0se",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0m",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0ey",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0ek",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0ej",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0eh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 15.0ed",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4yg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4ye",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xr",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4xq",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4sw",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4mdb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4mda",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4md",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.4gc",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.4"
},
{
"model": "ios 12.2zya",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sy",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxi",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sxh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sre",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2srd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2se",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sci",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2scg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2scf",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sce",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2scd",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2sb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2mrb",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2iri",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2irh",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2irg",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "BID",
"id": "93003"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"db": "NVD",
"id": "CVE-2016-6415"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-342"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.4",
"versionStartIncluding": "12.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "15.6",
"versionStartIncluding": "15.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.18s",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.3.4",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.3.0",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6415"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Shadow Brokers",
"sources": [
{
"db": "BID",
"id": "93003"
}
],
"trust": 0.3
},
"cve": "CVE-2016-6415",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-6415",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-07726",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-95235",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-6415",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-6415",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-07726",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201609-342",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-95235",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-6415",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "VULHUB",
"id": "VHN-95235"
},
{
"db": "VULMON",
"id": "CVE-2016-6415"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"db": "NVD",
"id": "CVE-2016-6415"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-342"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN. Cisco IOS and so on are all operating systems developed by Cisco. An information disclosure vulnerability exists in the implementation of server IKEv1 in several Cisco products. A remote attacker can use the vulnerability to send sensitive information from the device\u0027s memory by sending a SecurityAssociation negotiation request. \nThis issue is being tracked by Cisco Bug IDs CSCvb29204 and CSCvb36055",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6415"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "BID",
"id": "93003"
},
{
"db": "VULHUB",
"id": "VHN-95235"
},
{
"db": "VULMON",
"id": "CVE-2016-6415"
}
],
"trust": 2.61
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-95235",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=43383",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95235"
},
{
"db": "VULMON",
"id": "CVE-2016-6415"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-6415",
"trust": 3.5
},
{
"db": "BID",
"id": "93003",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1036841",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201609-342",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-07726",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.4
},
{
"db": "EXPLOIT-DB",
"id": "43383",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-92480",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-95235",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-6415",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "VULHUB",
"id": "VHN-95235"
},
{
"db": "VULMON",
"id": "CVE-2016-6415"
},
{
"db": "BID",
"id": "93003"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"db": "NVD",
"id": "CVE-2016-6415"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-342"
}
]
},
"id": "VAR-201609-0325",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "VULHUB",
"id": "VHN-95235"
}
],
"trust": 1.3943524983333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
}
]
},
"last_update_date": "2023-12-18T11:30:26.621000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160916-ikev1",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160916-ikev1"
},
{
"title": "Patches for multiple Cisco product information disclosure vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/81503"
},
{
"title": "CVE-2016-6415-BenignCertain-Monitor",
"trust": 0.1,
"url": "https://github.com/3ndg4me/cve-2016-6415-benigncertain-monitor "
},
{
"title": "benigncertain",
"trust": 0.1,
"url": "https://github.com/dinosn/benigncertain "
},
{
"title": "MS17-010",
"trust": 0.1,
"url": "https://github.com/oneplus-x/ms17-010 "
},
{
"title": "Exp101tsArchiv30thers",
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/exp101tsarchiv30thers "
},
{
"title": "awesome-cve-poc_qazbnm456",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-warns-of-ios-flaw-vulnerable-to-shadowbrokers-attack/120668/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "VULMON",
"id": "CVE-2016-6415"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95235"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"db": "NVD",
"id": "CVE-2016-6415"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160916-ikev1"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/93003"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036841"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6415"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6415"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://github.com/3ndg4me/cve-2016-6415-benigncertain-monitor"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/43383/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "VULHUB",
"id": "VHN-95235"
},
{
"db": "VULMON",
"id": "CVE-2016-6415"
},
{
"db": "BID",
"id": "93003"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"db": "NVD",
"id": "CVE-2016-6415"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-342"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"db": "VULHUB",
"id": "VHN-95235"
},
{
"db": "VULMON",
"id": "CVE-2016-6415"
},
{
"db": "BID",
"id": "93003"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"db": "NVD",
"id": "CVE-2016-6415"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-342"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"date": "2016-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-95235"
},
{
"date": "2016-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6415"
},
{
"date": "2016-09-16T00:00:00",
"db": "BID",
"id": "93003"
},
{
"date": "2016-09-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"date": "2016-09-19T01:59:06.167000",
"db": "NVD",
"id": "CVE-2016-6415"
},
{
"date": "2016-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-342"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-07726"
},
{
"date": "2020-06-03T00:00:00",
"db": "VULHUB",
"id": "VHN-95235"
},
{
"date": "2020-06-03T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6415"
},
{
"date": "2017-05-23T16:23:00",
"db": "BID",
"id": "93003"
},
{
"date": "2016-09-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004798"
},
{
"date": "2020-06-03T15:33:15.740000",
"db": "NVD",
"id": "CVE-2016-6415"
},
{
"date": "2020-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-342"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-342"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Product server IKEv1 Vulnerability in the implementation of critical information obtained from device memory",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004798"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-342"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…