Details of VAR-201604-0061

ID

VAR-201604-0061

CVE

CVE-2016-1291

TITLE

Cisco Prime Infrastructure and Evolved Programmable Network Manager Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2016-001950

DESCRIPTION

Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192. An attacker can exploit this issue to execute arbitrary code on the affected system. This may aid in further attacks. This issue being tracked by Cisco Bug ID's CSCuw03192 and CSCuy10236. PI is a set of wireless management solutions through Cisco Prime LAN Management Solution (LMS) and Cisco Prime Network Control System (NCS) technologies; EPNM is a set of network management solutions. A security vulnerability exists in Cisco PI Releases 1.2.0 through 2.2(2) and Cisco EPNM Release 1.2

Trust: 2.07

sources: NVD: CVE-2016-1291 // JVNDB: JVNDB-2016-001950 // BID: 85878 // VULHUB: VHN-90110 // VULMON: CVE-2016-1291

AFFECTED PRODUCTS

vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	2.1.0	Trust: 1.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.4.1	Trust: 1.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.4.2	Trust: 1.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.2.1	Trust: 1.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.3.0.20	Trust: 1.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.4.0.45	Trust: 1.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.2.0.103	Trust: 1.0
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.2	Trust: 1.0
vendor:	cisco	model:	evolved programmable network manager	scope:	eq	version:	1.2.0	Trust: 1.0
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	2.2	Trust: 1.0
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	2.0	Trust: 1.0
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.3	Trust: 1.0
vendor:	sun	model:	opensolaris	scope:	eq	version:	snv_124	Trust: 1.0
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.4	Trust: 1.0
vendor:	cisco	model:	evolved programmable network manager	scope:	eq	version:	1.2	Trust: 0.8
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.2.0 to 2.2(2)	Trust: 0.8
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.4.0	Trust: 0.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.3.0	Trust: 0.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	1.2.0	Trust: 0.6
vendor:	cisco	model:	prime infrastructure	scope:	eq	version:	2.0.0	Trust: 0.6

sources: JVNDB: JVNDB-2016-001950 // CNNVD: CNNVD-201604-047 // NVD: CVE-2016-1291

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-1291
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2016-1291
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201604-047
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-90110
value:	HIGH
Trust: 0.1
VULMON:	CVE-2016-1291
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-1291
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-90110
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-1291
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-90110 // VULMON: CVE-2016-1291 // JVNDB: JVNDB-2016-001950 // CNNVD: CNNVD-201604-047 // NVD: CVE-2016-1291

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-90110 // JVNDB: JVNDB-2016-001950 // NVD: CVE-2016-1291

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201604-047

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201604-047

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-001950

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-90110

PATCH

title:	cisco-sa-20160406-remcode	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode	Trust: 0.8
title:	Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Fixes for arbitrary code execution vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60782	Trust: 0.6
title:	java-deserialization-exploits	url:	https://github.com/s0wr0b1ndef/java-deserialization-exploits	Trust: 0.1
title:	java-deserialization-exploits	url:	https://github.com/Shadowshusky/java-deserialization-exploits	Trust: 0.1
title:	Java-Deserialization-Cheat-Sheet	url:	https://github.com/klausware/Java-Deserialization-Cheat-Sheet	Trust: 0.1
title:	Java-Deserialization-Cheat-Sheet	url:	https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet	Trust: 0.1
title:	Java-Deserialization-CVEs	url:	https://github.com/PalindromeLabs/Java-Deserialization-CVEs	Trust: 0.1

sources: VULMON: CVE-2016-1291 // JVNDB: JVNDB-2016-001950 // CNNVD: CNNVD-201604-047

EXTERNAL IDS

db:	NVD	id:	CVE-2016-1291	Trust: 2.9
db:	SECTRACK	id:	1035497	Trust: 1.8
db:	JVNDB	id:	JVNDB-2016-001950	Trust: 0.8
db:	CNNVD	id:	CNNVD-201604-047	Trust: 0.7
db:	BID	id:	85878	Trust: 0.5
db:	SEEBUG	id:	SSVID-91276	Trust: 0.1
db:	VULHUB	id:	VHN-90110	Trust: 0.1
db:	VULMON	id:	CVE-2016-1291	Trust: 0.1

sources: VULHUB: VHN-90110 // VULMON: CVE-2016-1291 // BID: 85878 // JVNDB: JVNDB-2016-001950 // CNNVD: CNNVD-201604-047 // NVD: CVE-2016-1291

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160406-remcode	Trust: 1.8
url:	https://blogs.securiteam.com/index.php/archives/2727	Trust: 1.8
url:	http://www.securitytracker.com/id/1035497	Trust: 1.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1291	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1291	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.securityfocus.com/bid/85878	Trust: 0.1
url:	https://github.com/s0wr0b1ndef/java-deserialization-exploits	Trust: 0.1

sources: VULHUB: VHN-90110 // VULMON: CVE-2016-1291 // BID: 85878 // JVNDB: JVNDB-2016-001950 // CNNVD: CNNVD-201604-047 // NVD: CVE-2016-1291

CREDITS

Cisco

Trust: 0.3

sources: BID: 85878

SOURCES

db:	VULHUB	id:	VHN-90110
db:	VULMON	id:	CVE-2016-1291
db:	BID	id:	85878
db:	JVNDB	id:	JVNDB-2016-001950
db:	CNNVD	id:	CNNVD-201604-047
db:	NVD	id:	CVE-2016-1291

LAST UPDATE DATE

2024-11-23T22:07:51.863000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-90110	date:	2019-07-29T00:00:00
db:	VULMON	id:	CVE-2016-1291	date:	2019-07-29T00:00:00
db:	BID	id:	85878	date:	2016-04-06T00:00:00
db:	JVNDB	id:	JVNDB-2016-001950	date:	2016-04-08T00:00:00
db:	CNNVD	id:	CNNVD-201604-047	date:	2019-07-30T00:00:00
db:	NVD	id:	CVE-2016-1291	date:	2024-11-21T02:46:07.733

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-90110	date:	2016-04-06T00:00:00
db:	VULMON	id:	CVE-2016-1291	date:	2016-04-06T00:00:00
db:	BID	id:	85878	date:	2016-04-06T00:00:00
db:	JVNDB	id:	JVNDB-2016-001950	date:	2016-04-08T00:00:00
db:	CNNVD	id:	CNNVD-201604-047	date:	2016-04-07T00:00:00
db:	NVD	id:	CVE-2016-1291	date:	2016-04-06T23:59:11.847