Sign-up

ID

VAR-201610-0271


CVE

CVE-2016-6420


TITLE

Cisco FirePOWER Management Center of FireSIGHT system Vulnerabilities that can bypass authentication checks in software

Trust: 0.8

sources: JVNDB: JVNDB-2016-005109

DESCRIPTION

Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467. An attacker can exploit this issue to gain elevated privileges on an affected device. This issue is being tracked by Cisco Bug ID CSCur25467

Trust: 2.07

sources: NVD: CVE-2016-6420 // JVNDB: JVNDB-2016-005109 // BID: 93204 // VULHUB: VHN-95240 // VULMON: CVE-2016-6420

AFFECTED PRODUCTS

vendor:ciscomodel:firesight system softwarescope:eqversion:4.10.3

Trust: 2.4

vendor:ciscomodel:firesight system softwarescope:eqversion:5.2.0

Trust: 2.4

vendor:ciscomodel:firesight system softwarescope:eqversion:5.3.0

Trust: 2.4

vendor:ciscomodel:firesight system softwarescope:eqversion:5.3.1

Trust: 2.4

vendor:ciscomodel:firesight system softwarescope:eqversion:5.4.0

Trust: 2.4

vendor:ciscomodel:firepower management centerscope: - version: -

Trust: 0.8

vendor:ciscomodel:firesight system softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:eqversion:0

Trust: 0.3

sources: BID: 93204 // JVNDB: JVNDB-2016-005109 // CNNVD: CNNVD-201609-638 // NVD: CVE-2016-6420

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-6420
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-6420
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201609-638
value: MEDIUM

Trust: 0.6

VULHUB: VHN-95240
value: MEDIUM

Trust: 0.1

VULMON: CVE-2016-6420
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-6420
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:L/AU:S/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-95240
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:L/AU:S/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-6420
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-95240 // VULMON: CVE-2016-6420 // JVNDB: JVNDB-2016-005109 // CNNVD: CNNVD-201609-638 // NVD: CVE-2016-6420

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-95240 // JVNDB: JVNDB-2016-005109 // NVD: CVE-2016-6420

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-638

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201609-638

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-005109

PATCH
title:cisco-sa-20160928-fmc1url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-fmc1
Trust: 0.8
title:Cisco Firepower Management Center Repair measures for privilege escalationurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64409
Trust: 0.6
title:Cisco: Cisco Firepower Management Center Privilege Escalation Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20160928-fmc1
Trust: 0.1
title:Threatposturl:https://threatpost.com/cisco-warns-of-critical-flaw-in-email-security-appliances/120968/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2016-6420 // 
            
            
            
            JVNDB: JVNDB-2016-005109 // 
            
            
            
            CNNVD: CNNVD-201609-638

EXTERNAL IDS
db:NVDid:CVE-2016-6420
Trust: 2.9
db:BIDid:93204
Trust: 2.1
db:SECTRACKid:1036919
Trust: 1.2
db:JVNDBid:JVNDB-2016-005109
Trust: 0.8
db:CNNVDid:CNNVD-201609-638
Trust: 0.7
db:NSFOCUSid:34986
Trust: 0.6
db:VULHUBid:VHN-95240
Trust: 0.1
db:VULMONid:CVE-2016-6420
Trust: 0.1
sources:
            
            
            VULHUB: VHN-95240 // 
            
            
            
            VULMON: CVE-2016-6420 // 
            
            
            
            BID: 93204 // 
            
            
            
            JVNDB: JVNDB-2016-005109 // 
            
            
            
            CNNVD: CNNVD-201609-638 // 
            
            
            
            NVD: CVE-2016-6420

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160928-fmc1
Trust: 2.2
url:http://www.securityfocus.com/bid/93204
Trust: 1.9
url:http://www.securitytracker.com/id/1036919
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6420
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6420
Trust: 0.8
url:http://www.nsfocus.net/vulndb/34986
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/200.html
Trust: 0.1
url:https://cwe.mitre.org/data/definitions/264.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://threatpost.com/cisco-warns-of-critical-flaw-in-email-security-appliances/120968/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-95240 // 
            
            
            
            VULMON: CVE-2016-6420 // 
            
            
            
            BID: 93204 // 
            
            
            
            JVNDB: JVNDB-2016-005109 // 
            
            
            
            CNNVD: CNNVD-201609-638 // 
            
            
            
            NVD: CVE-2016-6420

CREDITS
Cisco
Trust: 0.9
sources:
            
            
            BID: 93204 // 
            
            
            
            CNNVD: CNNVD-201609-638

SOURCES
db:VULHUBid:VHN-95240
db:VULMONid:CVE-2016-6420
db:BIDid:93204
db:JVNDBid:JVNDB-2016-005109
db:CNNVDid:CNNVD-201609-638
db:NVDid:CVE-2016-6420

LAST UPDATE DATE
2024-11-23T22:49:13.888000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-95240date:2017-07-30T00:00:00
db:VULMONid:CVE-2016-6420date:2017-07-30T00:00:00
db:BIDid:93204date:2016-10-03T07:00:00
db:JVNDBid:JVNDB-2016-005109date:2016-10-06T00:00:00
db:CNNVDid:CNNVD-201609-638date:2016-10-08T00:00:00
db:NVDid:CVE-2016-6420date:2024-11-21T02:56:05.770

SOURCES RELEASE DATE
db:VULHUBid:VHN-95240date:2016-10-05T00:00:00
db:VULMONid:CVE-2016-6420date:2016-10-05T00:00:00
db:BIDid:93204date:2016-09-28T00:00:00
db:JVNDBid:JVNDB-2016-005109date:2016-10-06T00:00:00
db:CNNVDid:CNNVD-201609-638date:2016-09-29T00:00:00
db:NVDid:CVE-2016-6420date:2016-10-05T10:59:20.550