VAR-201610-0271
Vulnerability from variot - Updated: 2023-12-18 13:57Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467. An attacker can exploit this issue to gain elevated privileges on an affected device. This issue is being tracked by Cisco Bug ID CSCur25467
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201610-0271",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firesight system software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "4.10.3"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "5.2.0"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "5.3.0"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "5.3.1"
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 2.4,
"vendor": "cisco",
"version": "5.4.0"
},
{
"model": "firepower management center",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "firesight system software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "firepower management center",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "93204"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005109"
},
{
"db": "NVD",
"id": "CVE-2016-6420"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-638"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:4.10.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6420"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "93204"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-638"
}
],
"trust": 0.9
},
"cve": "CVE-2016-6420",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-6420",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-95240",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-6420",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-6420",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201609-638",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-95240",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-6420",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95240"
},
{
"db": "VULMON",
"id": "CVE-2016-6420"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005109"
},
{
"db": "NVD",
"id": "CVE-2016-6420"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-638"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467. \nAn attacker can exploit this issue to gain elevated privileges on an affected device. \nThis issue is being tracked by Cisco Bug ID CSCur25467",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6420"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005109"
},
{
"db": "BID",
"id": "93204"
},
{
"db": "VULHUB",
"id": "VHN-95240"
},
{
"db": "VULMON",
"id": "CVE-2016-6420"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-6420",
"trust": 2.9
},
{
"db": "BID",
"id": "93204",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1036919",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005109",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201609-638",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "34986",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-95240",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-6420",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95240"
},
{
"db": "VULMON",
"id": "CVE-2016-6420"
},
{
"db": "BID",
"id": "93204"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005109"
},
{
"db": "NVD",
"id": "CVE-2016-6420"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-638"
}
]
},
"id": "VAR-201610-0271",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-95240"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:57:29.066000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160928-fmc1",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160928-fmc1"
},
{
"title": "Cisco Firepower Management Center Repair measures for privilege escalation",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=64409"
},
{
"title": "Cisco: Cisco Firepower Management Center Privilege Escalation Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20160928-fmc1"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-warns-of-critical-flaw-in-email-security-appliances/120968/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6420"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005109"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-638"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
},
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95240"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005109"
},
{
"db": "NVD",
"id": "CVE-2016-6420"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160928-fmc1"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/93204"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1036919"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6420"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6420"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/34986"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/cisco-warns-of-critical-flaw-in-email-security-appliances/120968/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95240"
},
{
"db": "VULMON",
"id": "CVE-2016-6420"
},
{
"db": "BID",
"id": "93204"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005109"
},
{
"db": "NVD",
"id": "CVE-2016-6420"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-638"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-95240"
},
{
"db": "VULMON",
"id": "CVE-2016-6420"
},
{
"db": "BID",
"id": "93204"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005109"
},
{
"db": "NVD",
"id": "CVE-2016-6420"
},
{
"db": "CNNVD",
"id": "CNNVD-201609-638"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-05T00:00:00",
"db": "VULHUB",
"id": "VHN-95240"
},
{
"date": "2016-10-05T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6420"
},
{
"date": "2016-09-28T00:00:00",
"db": "BID",
"id": "93204"
},
{
"date": "2016-10-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005109"
},
{
"date": "2016-10-05T10:59:20.550000",
"db": "NVD",
"id": "CVE-2016-6420"
},
{
"date": "2016-09-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-638"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-30T00:00:00",
"db": "VULHUB",
"id": "VHN-95240"
},
{
"date": "2017-07-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6420"
},
{
"date": "2016-10-03T07:00:00",
"db": "BID",
"id": "93204"
},
{
"date": "2016-10-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005109"
},
{
"date": "2017-07-30T01:29:12.833000",
"db": "NVD",
"id": "CVE-2016-6420"
},
{
"date": "2016-10-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201609-638"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-638"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco FirePOWER Management Center of FireSIGHT system Vulnerabilities that can bypass authentication checks in software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005109"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201609-638"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…