Details of VAR-201609-0316

ID

VAR-201609-0316

CVE

CVE-2016-6406

TITLE

Cisco E Email Security Runs on the appliance device IronPort AsyncOS In root Vulnerability for which access rights are acquired

Trust: 0.8

sources: JVNDB: JVNDB-2016-004894

DESCRIPTION

Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client before 1.0.2-065 is installed, allows remote attackers to obtain root access via a connection to the testing/debugging interface, aka Bug ID CSCvb26017. Vendors have confirmed this vulnerability Bug ID CSCvb26017 It is released as.By connecting to a test / debug interface by a third party, root Access rights may be obtained. A permission acquisition vulnerability exists in Cisco IronPortAsyncOS for Cisco ESA. When the version before EnrollmentClient1.0.2-065 is installed, the remote attacker can use the vulnerability of the testing or debugging interface to obtain root privileges. An attacker may exploit this issue to gain root privileges on the affected device; this can also result in the attacker gaining complete control of the affected system. This issue is being tracked by Cisco Bug ID CSCvb26017

Trust: 2.61

sources: NVD: CVE-2016-6406 // JVNDB: JVNDB-2016-004894 // CNVD: CNVD-2016-08217 // BID: 93116 // VULHUB: VHN-95226 // VULMON: CVE-2016-6406

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-08217

AFFECTED PRODUCTS

vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.2-023	Trust: 2.5
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.2-028	Trust: 2.5
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.1.2-036	Trust: 2.5
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.7.2-046	Trust: 2.5
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.7.2-047	Trust: 2.5
vendor:	cisco	model:	email security appliance	scope:	eq	version:	10.0.0-124	Trust: 2.5
vendor:	cisco	model:	email security appliance	scope:	eq	version:	10.0.0-125	Trust: 2.5
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.7.2-054	Trust: 2.2
vendor:	cisco	model:	asyncos	scope:	eq	version:	10.0.0-124	Trust: 0.8
vendor:	cisco	model:	asyncos	scope:	eq	version:	10.0.0-125	Trust: 0.8
vendor:	cisco	model:	asyncos	scope:	eq	version:	9.1.2-023	Trust: 0.8
vendor:	cisco	model:	asyncos	scope:	eq	version:	9.1.2-028	Trust: 0.8
vendor:	cisco	model:	asyncos	scope:	eq	version:	9.1.2-036	Trust: 0.8
vendor:	cisco	model:	asyncos	scope:	eq	version:	9.7.2-046	Trust: 0.8
vendor:	cisco	model:	asyncos	scope:	eq	version:	9.7.2-047	Trust: 0.8
vendor:	cisco	model:	asyncos	scope:	eq	version:	9.7.2-054	Trust: 0.8
vendor:	cisco	model:	e email security the appliance	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	e email security virtual appliance	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	email security appliance	scope:	eq	version:	9.7-2-054	Trust: 0.3

sources: CNVD: CNVD-2016-08217 // BID: 93116 // JVNDB: JVNDB-2016-004894 // CNNVD: CNNVD-201609-559 // NVD: CVE-2016-6406

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6406
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2016-6406
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2016-08217
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201609-559
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-95226
value:	HIGH
Trust: 0.1
VULMON:	CVE-2016-6406
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2016-6406
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2016-08217
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-95226
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-6406
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-08217 // VULHUB: VHN-95226 // VULMON: CVE-2016-6406 // JVNDB: JVNDB-2016-004894 // CNNVD: CNNVD-201609-559 // NVD: CVE-2016-6406

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-95226 // JVNDB: JVNDB-2016-004894 // NVD: CVE-2016-6406

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-559

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201609-559

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004894

PATCH

title:	cisco-sa-20160922-esa	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160922-esa	Trust: 0.8
title:	CiscoIronPortAsyncOSfor CiscoEmailSecurityAppliances Permission to Obtain Vulnerability Patches	url:	https://www.cnvd.org.cn/patchInfo/show/81861	Trust: 0.6
title:	Cisco IronPort AsyncOS for Cisco Email Security Appliances Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64288	Trust: 0.6
title:	Cisco: Cisco Email Security Appliance Internal Testing Interface Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20160922-esa	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/cisco-warns-of-critical-flaw-in-email-security-appliances/120968/	Trust: 0.1

sources: CNVD: CNVD-2016-08217 // VULMON: CVE-2016-6406 // JVNDB: JVNDB-2016-004894 // CNNVD: CNNVD-201609-559

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6406	Trust: 3.5
db:	BID	id:	93116	Trust: 2.1
db:	SECTRACK	id:	1036881	Trust: 1.2
db:	JVNDB	id:	JVNDB-2016-004894	Trust: 0.8
db:	CNNVD	id:	CNNVD-201609-559	Trust: 0.7
db:	CNVD	id:	CNVD-2016-08217	Trust: 0.6
db:	VULHUB	id:	VHN-95226	Trust: 0.1
db:	VULMON	id:	CVE-2016-6406	Trust: 0.1

sources: CNVD: CNVD-2016-08217 // VULHUB: VHN-95226 // VULMON: CVE-2016-6406 // BID: 93116 // JVNDB: JVNDB-2016-004894 // CNNVD: CNNVD-201609-559 // NVD: CVE-2016-6406

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160922-esa	Trust: 2.8
url:	http://www.securityfocus.com/bid/93116	Trust: 1.9
url:	http://www.securitytracker.com/id/1036881	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6406	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6406	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/264.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/cisco-warns-of-critical-flaw-in-email-security-appliances/120968/	Trust: 0.1

sources: CNVD: CNVD-2016-08217 // VULHUB: VHN-95226 // VULMON: CVE-2016-6406 // BID: 93116 // JVNDB: JVNDB-2016-004894 // CNNVD: CNNVD-201609-559 // NVD: CVE-2016-6406

CREDITS

Cisco

Trust: 0.3

sources: BID: 93116

SOURCES

db:	CNVD	id:	CNVD-2016-08217
db:	VULHUB	id:	VHN-95226
db:	VULMON	id:	CVE-2016-6406
db:	BID	id:	93116
db:	JVNDB	id:	JVNDB-2016-004894
db:	CNNVD	id:	CNNVD-201609-559
db:	NVD	id:	CVE-2016-6406

LAST UPDATE DATE

2024-11-23T23:02:33.296000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-08217	date:	2016-09-28T00:00:00
db:	VULHUB	id:	VHN-95226	date:	2017-07-30T00:00:00
db:	VULMON	id:	CVE-2016-6406	date:	2017-07-30T00:00:00
db:	BID	id:	93116	date:	2016-09-23T00:01:00
db:	JVNDB	id:	JVNDB-2016-004894	date:	2016-09-28T00:00:00
db:	CNNVD	id:	CNNVD-201609-559	date:	2016-09-26T00:00:00
db:	NVD	id:	CVE-2016-6406	date:	2024-11-21T02:56:04.173

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-08217	date:	2016-09-28T00:00:00
db:	VULHUB	id:	VHN-95226	date:	2016-09-22T00:00:00
db:	VULMON	id:	CVE-2016-6406	date:	2016-09-22T00:00:00
db:	BID	id:	93116	date:	2016-09-22T00:00:00
db:	JVNDB	id:	JVNDB-2016-004894	date:	2016-09-28T00:00:00
db:	CNNVD	id:	CNNVD-201609-559	date:	2016-09-23T00:00:00
db:	NVD	id:	CVE-2016-6406	date:	2016-09-22T22:59:22.193