Details of VAR-201610-0283

ID

VAR-201610-0283

CVE

CVE-2016-6434

TITLE

Cisco Firepower Management Center Vulnerability in which important information is obtained

Trust: 0.8

sources: JVNDB: JVNDB-2016-005142

DESCRIPTION

Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370. An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks. This issue being tracked by Cisco Bug ID CSCva30370

Trust: 2.07

sources: NVD: CVE-2016-6434 // JVNDB: JVNDB-2016-005142 // BID: 93412 // VULHUB: VHN-95254 // VULMON: CVE-2016-6434

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.0.1	Trust: 1.4
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.0.1	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	0	Trust: 0.3

sources: BID: 93412 // JVNDB: JVNDB-2016-005142 // CNNVD: CNNVD-201610-109 // NVD: CVE-2016-6434

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-6434
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-6434
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201610-109
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-95254
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2016-6434
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-6434
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-95254
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-6434
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-95254 // VULMON: CVE-2016-6434 // JVNDB: JVNDB-2016-005142 // CNNVD: CNNVD-201610-109 // NVD: CVE-2016-6434

PROBLEMTYPE DATA

problemtype:

CWE-287

Trust: 1.9

sources: VULHUB: VHN-95254 // JVNDB: JVNDB-2016-005142 // NVD: CVE-2016-6434

THREAT TYPE

local

Trust: 0.9

sources: BID: 93412 // CNNVD: CNNVD-201610-109

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201610-109

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005142

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-95254 // VULMON: CVE-2016-6434

PATCH

title:	cisco-sa-20161005-ftmc1	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ftmc1	Trust: 0.8
title:	Cisco: Cisco Firepower Management Center Console Authentication Bypass Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20161005-ftmc1	Trust: 0.1

sources: VULMON: CVE-2016-6434 // JVNDB: JVNDB-2016-005142

EXTERNAL IDS

db:	NVD	id:	CVE-2016-6434	Trust: 2.9
db:	BID	id:	93412	Trust: 1.5
db:	EXPLOIT-DB	id:	40465	Trust: 1.2
db:	JVNDB	id:	JVNDB-2016-005142	Trust: 0.8
db:	CNNVD	id:	CNNVD-201610-109	Trust: 0.7
db:	PACKETSTORM	id:	138986	Trust: 0.7
db:	VULHUB	id:	VHN-95254	Trust: 0.1
db:	VULMON	id:	CVE-2016-6434	Trust: 0.1

sources: VULHUB: VHN-95254 // VULMON: CVE-2016-6434 // BID: 93412 // JVNDB: JVNDB-2016-005142 // CNNVD: CNNVD-201610-109 // NVD: CVE-2016-6434

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161005-ftmc1	Trust: 2.2
url:	http://www.securityfocus.com/bid/93412	Trust: 1.3
url:	https://www.exploit-db.com/exploits/40465/	Trust: 1.3
url:	https://blog.korelogic.com/blog/2016/10/10/virtual_appliance_spelunking	Trust: 1.2
url:	https://www.korelogic.com/resources/advisories/kl-001-2016-005.txt	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6434	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6434	Trust: 0.8
url:	http://packetstormsecurity.com/files/138986/cisco-firepower-threat-management-console-hard-coded-mysql-credentials.html	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/287.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-95254 // VULMON: CVE-2016-6434 // BID: 93412 // JVNDB: JVNDB-2016-005142 // CNNVD: CNNVD-201610-109 // NVD: CVE-2016-6434

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 93412

SOURCES

db:	VULHUB	id:	VHN-95254
db:	VULMON	id:	CVE-2016-6434
db:	BID	id:	93412
db:	JVNDB	id:	JVNDB-2016-005142
db:	CNNVD	id:	CNNVD-201610-109
db:	NVD	id:	CVE-2016-6434

LAST UPDATE DATE

2024-11-27T22:56:45.590000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-95254	date:	2017-09-03T00:00:00
db:	VULMON	id:	CVE-2016-6434	date:	2017-09-03T00:00:00
db:	BID	id:	93412	date:	2016-10-10T00:05:00
db:	JVNDB	id:	JVNDB-2016-005142	date:	2016-10-12T00:00:00
db:	CNNVD	id:	CNNVD-201610-109	date:	2016-10-11T00:00:00
db:	NVD	id:	CVE-2016-6434	date:	2024-11-26T16:09:02.407

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-95254	date:	2016-10-06T00:00:00
db:	VULMON	id:	CVE-2016-6434	date:	2016-10-06T00:00:00
db:	BID	id:	93412	date:	2016-10-05T00:00:00
db:	JVNDB	id:	JVNDB-2016-005142	date:	2016-10-12T00:00:00
db:	CNNVD	id:	CNNVD-201610-109	date:	2016-10-10T00:00:00
db:	NVD	id:	CVE-2016-6434	date:	2016-10-06T10:59:15.383