ID

VAR-201611-0169


CVE

CVE-2016-6460


TITLE

Cisco Firepower System Software FTP REST API In FTP Vulnerabilities that bypass malware detection rules

Trust: 0.8

sources: JVNDB: JVNDB-2016-005911

DESCRIPTION

A vulnerability in the FTP Representational State Transfer Application Programming Interface (REST API) for Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass FTP malware detection rules and download malware over an FTP connection. Cisco Firepower System Software is affected when the device has a file policy with malware block configured for FTP connections. More Information: CSCuv36188 CSCuy91156. Known Affected Releases: 5.4.0.2 5.4.1.1 5.4.1.6 6.0.0 6.1.0 6.2.0. Known Fixed Releases: 6.0.0. Cisco Firepower System Software is prone to a remote security-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. This issue is being tracked by Cisco Bug IDs CSCuv36188 and CSCuy91156

Trust: 1.98

sources: NVD: CVE-2016-6460 // JVNDB: JVNDB-2016-005911 // BID: 94359 // VULHUB: VHN-95280

AFFECTED PRODUCTS

vendor:ciscomodel:firesight system softwarescope:eqversion:5.4.0.2

Trust: 2.4

vendor:ciscomodel:firesight system softwarescope:eqversion:5.4.1.1

Trust: 2.4

vendor:ciscomodel:firesight system softwarescope:eqversion:5.4.1.6

Trust: 2.4

vendor:ciscomodel:firesight system softwarescope:eqversion:6.0.0

Trust: 2.4

vendor:ciscomodel:firesight system softwarescope:eqversion:6.1.0

Trust: 2.4

vendor:ciscomodel:firesight system softwarescope:eqversion:6.2.0

Trust: 2.4

vendor:ciscomodel:firepower system softwarescope:eqversion:0

Trust: 0.3

sources: BID: 94359 // JVNDB: JVNDB-2016-005911 // CNNVD: CNNVD-201611-445 // NVD: CVE-2016-6460

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-6460
value: HIGH

Trust: 1.0

NVD: CVE-2016-6460
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201611-445
value: MEDIUM

Trust: 0.6

VULHUB: VHN-95280
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-6460
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-95280
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-6460
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-95280 // JVNDB: JVNDB-2016-005911 // CNNVD: CNNVD-201611-445 // NVD: CVE-2016-6460

PROBLEMTYPE DATA

problemtype:CWE-254

Trust: 1.1

problemtype:CWE-16

Trust: 0.8

sources: VULHUB: VHN-95280 // JVNDB: JVNDB-2016-005911 // NVD: CVE-2016-6460

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201611-445

TYPE

configuration error

Trust: 0.6

sources: CNNVD: CNNVD-201611-445

CONFIGURATIONS

[
  {
    "CVE_data_version": "4.0",
    "nodes": [
      {
        "operator": "OR",
        "cpe_match": [
          {
            "vulnerable": true,
            "cpe22Uri": "cpe:/a:cisco:firesight_system_software"
          }
        ]
      }
    ]
  }
]

sources: JVNDB: JVNDB-2016-005911

PATCH

title:cisco-sa-20161116-fssurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-fss

Trust: 0.8

sources: JVNDB: JVNDB-2016-005911

EXTERNAL IDS

db:NVDid:CVE-2016-6460

Trust: 2.8

db:BIDid:94359

Trust: 1.4

db:JVNDBid:JVNDB-2016-005911

Trust: 0.8

db:CNNVDid:CNNVD-201611-445

Trust: 0.7

db:VULHUBid:VHN-95280

Trust: 0.1

sources: VULHUB: VHN-95280 // BID: 94359 // JVNDB: JVNDB-2016-005911 // CNNVD: CNNVD-201611-445 // NVD: CVE-2016-6460

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161116-fss

Trust: 2.0

url:http://www.securityfocus.com/bid/94359

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6460

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6460

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

sources: VULHUB: VHN-95280 // BID: 94359 // JVNDB: JVNDB-2016-005911 // CNNVD: CNNVD-201611-445 // NVD: CVE-2016-6460

CREDITS

Cisco

Trust: 0.3

sources: BID: 94359

SOURCES

db:VULHUBid:VHN-95280
db:BIDid:94359
db:JVNDBid:JVNDB-2016-005911
db:CNNVDid:CNNVD-201611-445
db:NVDid:CVE-2016-6460

LAST UPDATE DATE

2024-11-23T22:13:12.301000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-95280date:2016-12-06T00:00:00
db:BIDid:94359date:2016-11-24T01:11:00
db:JVNDBid:JVNDB-2016-005911date:2016-11-24T00:00:00
db:CNNVDid:CNNVD-201611-445date:2016-11-22T00:00:00
db:NVDid:CVE-2016-6460date:2024-11-21T02:56:10.513

SOURCES RELEASE DATE

db:VULHUBid:VHN-95280date:2016-11-19T00:00:00
db:BIDid:94359date:2016-11-16T00:00:00
db:JVNDBid:JVNDB-2016-005911date:2016-11-24T00:00:00
db:CNNVDid:CNNVD-201611-445date:2016-11-22T00:00:00
db:NVDid:CVE-2016-6460date:2016-11-19T03:03:03.537