Sign-up

ID

VAR-201609-0321


CVE

CVE-2016-6411


TITLE

Cisco Firepower Management Center and FireSIGHT System Software Security Bypass Vulnerability

Trust: 0.9

sources: BID: 93098 // CNNVD: CNNVD-201609-515

DESCRIPTION

Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote attackers to bypass intended do-not-decrypt settings via a crafted URL, aka Bug ID CSCva50585. Vendors have confirmed this vulnerability Bug ID CSCva50585 It is released as.Skillfully crafted by a third party URL Through do-not-decrypt Setting may be avoided. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCva50585

Trust: 1.98

sources: NVD: CVE-2016-6411 // JVNDB: JVNDB-2016-004901 // BID: 93098 // VULHUB: VHN-95231

AFFECTED PRODUCTS

vendor:ciscomodel:firesight system softwarescope:eqversion:6.0.1

Trust: 2.4

vendor:ciscomodel:firepower management centerscope: - version: -

Trust: 0.8

vendor:ciscomodel:firesight system softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:eqversion:0

Trust: 0.3

sources: BID: 93098 // JVNDB: JVNDB-2016-004901 // CNNVD: CNNVD-201609-515 // NVD: CVE-2016-6411

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-6411
value: HIGH

Trust: 1.0

NVD: CVE-2016-6411
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201609-515
value: MEDIUM

Trust: 0.6

VULHUB: VHN-95231
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-6411
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-95231
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-6411
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-95231 // JVNDB: JVNDB-2016-004901 // CNNVD: CNNVD-201609-515 // NVD: CVE-2016-6411

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-95231 // JVNDB: JVNDB-2016-004901 // NVD: CVE-2016-6411

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-515

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201609-515

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-004901

PATCH
title:cisco-sa-20160921-fmcurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-fmc
Trust: 0.8
title:Cisco Firepower Management Center  and FireSIGHT System Software Repair measures for security bypass vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64251
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2016-004901 // 
            
            
            
            CNNVD: CNNVD-201609-515

EXTERNAL IDS
db:NVDid:CVE-2016-6411
Trust: 2.8
db:SECTRACKid:1036877
Trust: 1.1
db:BIDid:93098
Trust: 0.9
db:JVNDBid:JVNDB-2016-004901
Trust: 0.8
db:CNNVDid:CNNVD-201609-515
Trust: 0.7
db:VULHUBid:VHN-95231
Trust: 0.1
sources:
            
            
            VULHUB: VHN-95231 // 
            
            
            
            BID: 93098 // 
            
            
            
            JVNDB: JVNDB-2016-004901 // 
            
            
            
            CNNVD: CNNVD-201609-515 // 
            
            
            
            NVD: CVE-2016-6411

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160921-fmc
Trust: 2.0
url:http://www.securitytracker.com/id/1036877
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6411
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6411
Trust: 0.8
url:http://www.securityfocus.com/bid/93098
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-95231 // 
            
            
            
            BID: 93098 // 
            
            
            
            JVNDB: JVNDB-2016-004901 // 
            
            
            
            CNNVD: CNNVD-201609-515 // 
            
            
            
            NVD: CVE-2016-6411

CREDITS
Cisco
Trust: 0.9
sources:
            
            
            BID: 93098 // 
            
            
            
            CNNVD: CNNVD-201609-515

SOURCES
db:VULHUBid:VHN-95231
db:BIDid:93098
db:JVNDBid:JVNDB-2016-004901
db:CNNVDid:CNNVD-201609-515
db:NVDid:CVE-2016-6411

LAST UPDATE DATE
2024-11-23T23:12:35.286000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-95231date:2017-07-30T00:00:00
db:BIDid:93098date:2016-09-23T00:00:00
db:JVNDBid:JVNDB-2016-004901date:2016-09-28T00:00:00
db:CNNVDid:CNNVD-201609-515date:2016-09-26T00:00:00
db:NVDid:CVE-2016-6411date:2024-11-21T02:56:04.757

SOURCES RELEASE DATE
db:VULHUBid:VHN-95231date:2016-09-24T00:00:00
db:BIDid:93098date:2016-09-21T00:00:00
db:JVNDBid:JVNDB-2016-004901date:2016-09-28T00:00:00
db:CNNVDid:CNNVD-201609-515date:2016-09-22T00:00:00
db:NVDid:CVE-2016-6411date:2016-09-24T01:59:04.057