VAR-201611-0157
Vulnerability from variot - Updated: 2023-12-18 12:37A vulnerability in the command-line interface of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an authenticated, local attacker to elevate the privilege level associated with their session. More Information: CSCva38636. Known Affected Releases: 4.10(1). Known Fixed Releases: 5.0(1). Vendors have confirmed this vulnerability Bug ID CSCva38636 It is released as.Local users may be able to elevate the privileges associated with the session. A local attacker may exploit this issue to gain elevated privileges on the affected system. This issue is being tracked by Cisco Bug ID CSCva38636. The solution supports the simplification of radio dispatching operations and improves the ability to respond to accidents, emergencies, and facility incidents
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0157",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.7\\(1\\)"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.8\\(2\\)"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.8\\(1\\)"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.9\\(2\\)"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.10\\(1\\)"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.0\\(1\\)"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.9\\(1\\)"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.6\\(1\\)"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.5\\(1\\)"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.10(1)"
},
{
"model": "ip interoperability and collaboration system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "93919"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005729"
},
{
"db": "NVD",
"id": "CVE-2016-6430"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-771"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.8\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.6\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.9\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.0\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.5\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.10\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.7\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.8\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.9\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6430"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco.",
"sources": [
{
"db": "BID",
"id": "93919"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-771"
}
],
"trust": 0.9
},
"cve": "CVE-2016-6430",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 2.7,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.6,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-6430",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 2.7,
"id": "VHN-95250",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-6430",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-6430",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-771",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-95250",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-6430",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95250"
},
{
"db": "VULMON",
"id": "CVE-2016-6430"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005729"
},
{
"db": "NVD",
"id": "CVE-2016-6430"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-771"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the command-line interface of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an authenticated, local attacker to elevate the privilege level associated with their session. More Information: CSCva38636. Known Affected Releases: 4.10(1). Known Fixed Releases: 5.0(1). Vendors have confirmed this vulnerability Bug ID CSCva38636 It is released as.Local users may be able to elevate the privileges associated with the session. \nA local attacker may exploit this issue to gain elevated privileges on the affected system. \nThis issue is being tracked by Cisco Bug ID CSCva38636. The solution supports the simplification of radio dispatching operations and improves the ability to respond to accidents, emergencies, and facility incidents",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-6430"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005729"
},
{
"db": "BID",
"id": "93919"
},
{
"db": "VULHUB",
"id": "VHN-95250"
},
{
"db": "VULMON",
"id": "CVE-2016-6430"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-6430",
"trust": 2.9
},
{
"db": "BID",
"id": "93919",
"trust": 2.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005729",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-771",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-95250",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-6430",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95250"
},
{
"db": "VULMON",
"id": "CVE-2016-6430"
},
{
"db": "BID",
"id": "93919"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005729"
},
{
"db": "NVD",
"id": "CVE-2016-6430"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-771"
}
]
},
"id": "VAR-201611-0157",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-95250"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:37:39.982000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20161026-ipics2",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161026-ipics2"
},
{
"title": "Cisco IP Interoperability and Collaboration System Repair measures for privilege escalation",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65124"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-patches-critical-vulnerability-in-facility-events-response-system/121626/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-6430"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005729"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-771"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95250"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005729"
},
{
"db": "NVD",
"id": "CVE-2016-6430"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161026-ipics2"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/93919"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6430"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6430"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/cisco-patches-critical-vulnerability-in-facility-events-response-system/121626/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-95250"
},
{
"db": "VULMON",
"id": "CVE-2016-6430"
},
{
"db": "BID",
"id": "93919"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005729"
},
{
"db": "NVD",
"id": "CVE-2016-6430"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-771"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-95250"
},
{
"db": "VULMON",
"id": "CVE-2016-6430"
},
{
"db": "BID",
"id": "93919"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005729"
},
{
"db": "NVD",
"id": "CVE-2016-6430"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-771"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-03T00:00:00",
"db": "VULHUB",
"id": "VHN-95250"
},
{
"date": "2016-11-03T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6430"
},
{
"date": "2016-10-26T00:00:00",
"db": "BID",
"id": "93919"
},
{
"date": "2016-11-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005729"
},
{
"date": "2016-11-03T21:59:01.310000",
"db": "NVD",
"id": "CVE-2016-6430"
},
{
"date": "2016-10-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-771"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-95250"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULMON",
"id": "CVE-2016-6430"
},
{
"date": "2016-11-24T05:04:00",
"db": "BID",
"id": "93919"
},
{
"date": "2016-11-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005729"
},
{
"date": "2016-11-28T20:32:40.903000",
"db": "NVD",
"id": "CVE-2016-6430"
},
{
"date": "2016-11-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-771"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "93919"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-771"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IP Interoperability and Collaboration System Elevated privilege vulnerability in the command line interface",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005729"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-771"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…