Details of VAR-201603-0291

ID

VAR-201603-0291

CVE

CVE-2016-1366

TITLE

Cisco Network Convergence System 6000 Run on device IOS XR of SCP and SFTP Service disruption in modules (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-001906

DESCRIPTION

The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service (overwrite) via unspecified vectors, aka Bug ID CSCuw75848. Vendors have confirmed this vulnerability Bug ID CSCuw75848 It is released as.Service disruption by remotely authenticated user ( Overwrite ) There is a possibility of being put into a state. The Cisco IOSXRforCiscoNCS6000 is a Cisco network operating system running on the NCS6000 series of routers. A security vulnerability exists in the SCP and SFTP modules in the Cisco IOSXR Software 5.0.0 to 5.2.5 versions of the Cisco NCS6000 due to the program's failure to properly set the path to include the system files. A remote attacker could exploit the vulnerability to overwrite system files, causing a denial of service. Cisco IOS XR Software is prone to a remote denial-of-service vulnerability. This issue is being tracked by Cisco Bug ID CSCuw75848. Note: This issue was previously titled 'Cisco Network Convergence System 6000 Series Routers Remote Denial of Service Vulnerability'. The title and technical details have been changed to better reflect the underlying component affected. Both Secure Copy Protocol (SCP) and Secure FTP (SFTP) are among the security protocol modules. The vulnerability is caused by the program not properly setting permissions for paths containing system files

Trust: 2.52

sources: NVD: CVE-2016-1366 // JVNDB: JVNDB-2016-001906 // CNVD: CNVD-2016-01921 // BID: 85373 // VULHUB: VHN-90185

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-01921

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xr	scope:	eq	version:	5.0.0	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.0.1	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.5	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.4	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.1	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.2.3	Trust: 1.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.0.0 to 5.2.5	Trust: 0.8
vendor:	cisco	model:	network convergence system series	scope:	eq	version:	6000	Trust: 0.6
vendor:	cisco	model:	ios xr	scope:	eq	version:	5.0.0-5.2.5	Trust: 0.6
vendor:	cisco	model:	ios xr	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2016-01921 // BID: 85373 // JVNDB: JVNDB-2016-001906 // CNNVD: CNNVD-201603-355 // NVD: CVE-2016-1366

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-1366
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-1366
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2016-01921
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201603-355
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-90185
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-1366
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:C/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	COMPLETE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-01921
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:C/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	COMPLETE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-90185
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:C/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	COMPLETE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-1366
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 1.0

sources: CNVD: CNVD-2016-01921 // VULHUB: VHN-90185 // JVNDB: JVNDB-2016-001906 // CNNVD: CNNVD-201603-355 // NVD: CVE-2016-1366

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-90185 // JVNDB: JVNDB-2016-001906 // NVD: CVE-2016-1366

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201603-355

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201603-355

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-001906

PATCH

title:	cisco-sa-20160323-ncs	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-ncs	Trust: 0.8
title:	Patch for CiscoNCS6000IOSXRSoftwareSecureCopyProtocol and SecureFTP Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/73333	Trust: 0.6
title:	Cisco Network Convergence System 6000 IOS XR Software Secure Copy Protocol and Secure FTP Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60680	Trust: 0.6

sources: CNVD: CNVD-2016-01921 // JVNDB: JVNDB-2016-001906 // CNNVD: CNNVD-201603-355

EXTERNAL IDS

db:	NVD	id:	CVE-2016-1366	Trust: 3.4
db:	SECTRACK	id:	1035407	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-001906	Trust: 0.8
db:	CNNVD	id:	CNNVD-201603-355	Trust: 0.7
db:	CNVD	id:	CNVD-2016-01921	Trust: 0.6
db:	BID	id:	85373	Trust: 0.4
db:	VULHUB	id:	VHN-90185	Trust: 0.1

sources: CNVD: CNVD-2016-01921 // VULHUB: VHN-90185 // BID: 85373 // JVNDB: JVNDB-2016-001906 // CNNVD: CNNVD-201603-355 // NVD: CVE-2016-1366

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160323-ncs	Trust: 2.3
url:	http://www.securitytracker.com/id/1035407	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1366	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1366	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2016-01921 // VULHUB: VHN-90185 // BID: 85373 // JVNDB: JVNDB-2016-001906 // CNNVD: CNNVD-201603-355 // NVD: CVE-2016-1366

CREDITS

Cisco

Trust: 0.3

sources: BID: 85373

SOURCES

db:	CNVD	id:	CNVD-2016-01921
db:	VULHUB	id:	VHN-90185
db:	BID	id:	85373
db:	JVNDB	id:	JVNDB-2016-001906
db:	CNNVD	id:	CNNVD-201603-355
db:	NVD	id:	CVE-2016-1366

LAST UPDATE DATE

2024-11-23T22:56:22.489000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-01921	date:	2016-03-30T00:00:00
db:	VULHUB	id:	VHN-90185	date:	2016-12-03T00:00:00
db:	BID	id:	85373	date:	2016-07-05T22:03:00
db:	JVNDB	id:	JVNDB-2016-001906	date:	2016-03-28T00:00:00
db:	CNNVD	id:	CNNVD-201603-355	date:	2016-03-25T00:00:00
db:	NVD	id:	CVE-2016-1366	date:	2024-11-21T02:46:15.953

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-01921	date:	2016-03-30T00:00:00
db:	VULHUB	id:	VHN-90185	date:	2016-03-24T00:00:00
db:	BID	id:	85373	date:	2016-03-23T00:00:00
db:	JVNDB	id:	JVNDB-2016-001906	date:	2016-03-28T00:00:00
db:	CNNVD	id:	CNNVD-201603-355	date:	2016-03-24T00:00:00
db:	NVD	id:	CVE-2016-1366	date:	2016-03-24T22:59:00.953