Details of VAR-201609-0308

ID

VAR-201609-0308

CVE

CVE-2016-6396

TITLE

Cisco Firepower Management Center and FireSIGHT system Vulnerabilities in software that prevent malware detection

Trust: 0.8

sources: JVNDB: JVNDB-2016-004637

DESCRIPTION

Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks

Trust: 2.07

sources: NVD: CVE-2016-6396 // JVNDB: JVNDB-2016-004637 // BID: 92826 // VULHUB: VHN-95216 // VULMON: CVE-2016-6396

AFFECTED PRODUCTS

vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.1	Trust: 1.9
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.4.1.2	Trust: 1.9
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.1.4	Trust: 1.9
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.1.3	Trust: 1.9
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.1.2	Trust: 1.9
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.1.5	Trust: 1.6
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.4.0.6	Trust: 1.6
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.1.10	Trust: 1.6
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.2.0.8	Trust: 1.6
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.0.3	Trust: 1.6
vendor:	cisco	model:	firesight system software	scope:	eq	version:	6.0.1	Trust: 1.3
vendor:	cisco	model:	firesight system software	scope:	eq	version:	6.0.0	Trust: 1.3
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.4.0.2	Trust: 1.3
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.4.0.1	Trust: 1.3
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.1.1	Trust: 1.3
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.1.8	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.4.1.4	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.0.3	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.2.0.1	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.0.1	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.0.2	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.2.0.3	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.2.0.4	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.2.0.5	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.4.0	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.1.9	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.1.7	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.4.0.4	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.1.1	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.0	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.1.3	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.0.5	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.0.4	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.4.1.3	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.2.0	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.0.7	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.0.2	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.1	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.0.1	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.4.1	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.4.0.5	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.0	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.4.0.3	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.1.6	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.1.5	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	6.0.0.1	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.1.4	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.1.11	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3.0.6	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.1.1.2	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.2.0.2	Trust: 1.0
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.2.0.6	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	lt	version:	6.1	Trust: 0.8
vendor:	cisco	model:	firesight system software	scope:	lt	version:	6.1	Trust: 0.8
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.4	Trust: 0.3
vendor:	cisco	model:	firesight system software	scope:	eq	version:	5.3	Trust: 0.3
vendor:	cisco	model:	firesight system software	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.4.1	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.4	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.3.1	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.3	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.2	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	4.10.3	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.4.1.3	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.4.0.1	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.3.1.2	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.3.0.4	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.3.0.3	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.3.0.2	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.0	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	4.10.3.9	Trust: 0.3
vendor:	cisco	model:	firesight system software	scope:	ne	version:	6.1.0	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	ne	version:	6.1	Trust: 0.3

sources: BID: 92826 // JVNDB: JVNDB-2016-004637 // CNNVD: CNNVD-201609-107 // NVD: CVE-2016-6396

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6396
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2016-6396
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201609-107
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-95216
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2016-6396
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-6396
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-95216
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-6396
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-95216 // VULMON: CVE-2016-6396 // JVNDB: JVNDB-2016-004637 // CNNVD: CNNVD-201609-107 // NVD: CVE-2016-6396

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-95216 // JVNDB: JVNDB-2016-004637 // NVD: CVE-2016-6396

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-107

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201609-107

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004637

PATCH

title:	cisco-sa-20160907-fsss1	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160907-fsss1	Trust: 0.8
title:	Cisco Firepower Management Center and FireSIGHT System Software Remote security bypass vulnerability Repair measures	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63930	Trust: 0.6
title:	Cisco: Cisco Firepower Management Center and FireSIGHT System Software Malware Bypass Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20160907-fsss1	Trust: 0.1

sources: VULMON: CVE-2016-6396 // JVNDB: JVNDB-2016-004637 // CNNVD: CNNVD-201609-107

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6396	Trust: 2.9
db:	BID	id:	92826	Trust: 2.1
db:	SECTRACK	id:	1036756	Trust: 1.2
db:	JVNDB	id:	JVNDB-2016-004637	Trust: 0.8
db:	CNNVD	id:	CNNVD-201609-107	Trust: 0.7
db:	NSFOCUS	id:	34779	Trust: 0.6
db:	VULHUB	id:	VHN-95216	Trust: 0.1
db:	VULMON	id:	CVE-2016-6396	Trust: 0.1

sources: VULHUB: VHN-95216 // VULMON: CVE-2016-6396 // BID: 92826 // JVNDB: JVNDB-2016-004637 // CNNVD: CNNVD-201609-107 // NVD: CVE-2016-6396

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160907-fsss1	Trust: 2.2
url:	http://www.securityfocus.com/bid/92826	Trust: 1.8
url:	http://www.securitytracker.com/id/1036756	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6396	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6396	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/34779	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-95216 // VULMON: CVE-2016-6396 // BID: 92826 // JVNDB: JVNDB-2016-004637 // CNNVD: CNNVD-201609-107 // NVD: CVE-2016-6396

CREDITS

Cisco

Trust: 0.9

sources: BID: 92826 // CNNVD: CNNVD-201609-107

SOURCES

db:	VULHUB	id:	VHN-95216
db:	VULMON	id:	CVE-2016-6396
db:	BID	id:	92826
db:	JVNDB	id:	JVNDB-2016-004637
db:	CNNVD	id:	CNNVD-201609-107
db:	NVD	id:	CVE-2016-6396

LAST UPDATE DATE

2024-11-23T22:13:14+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-95216	date:	2016-11-28T00:00:00
db:	VULMON	id:	CVE-2016-6396	date:	2016-11-28T00:00:00
db:	BID	id:	92826	date:	2016-09-07T00:00:00
db:	JVNDB	id:	JVNDB-2016-004637	date:	2016-09-14T00:00:00
db:	CNNVD	id:	CNNVD-201609-107	date:	2016-09-13T00:00:00
db:	NVD	id:	CVE-2016-6396	date:	2024-11-21T02:56:03.020

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-95216	date:	2016-09-12T00:00:00
db:	VULMON	id:	CVE-2016-6396	date:	2016-09-12T00:00:00
db:	BID	id:	92826	date:	2016-09-07T00:00:00
db:	JVNDB	id:	JVNDB-2016-004637	date:	2016-09-14T00:00:00
db:	CNNVD	id:	CNNVD-201609-107	date:	2016-09-08T00:00:00
db:	NVD	id:	CVE-2016-6396	date:	2016-09-12T10:59:09.523