Sign-up

ID

VAR-201704-0279


CVE

CVE-2016-6368


TITLE

Cisco Firepower System Software resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-008501

DESCRIPTION

A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper input validation of the fields in the PGM protocol packet. An attacker could exploit this vulnerability by sending a crafted PGM packet to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. This vulnerability affects Cisco Firepower System Software that has one or more file action policies configured and is running on any of the following Cisco products: Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services; Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls; Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances; Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances; Firepower 4100 Series Security Appliances; FirePOWER 7000 Series Appliances; FirePOWER 8000 Series Appliances; Firepower 9300 Series Security Appliances; FirePOWER Threat Defense for Integrated Services Routers (ISRs); Industrial Security Appliance 3000; Sourcefire 3D System Appliances; Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware. Fixed versions: 5.4.0.10 5.4.1.9 6.0.1.3 6.1.0 6.2.0. Cisco Bug IDs: CSCuz00876. Cisco Firepower System The software contains a resource management vulnerability. Vendors have confirmed this vulnerability Bug ID CSCuz00876 It is released as.Service operation interruption (DoS) An attack may be carried out. are all products of Cisco (Cisco)

Trust: 1.98

sources: NVD: CVE-2016-6368 // JVNDB: JVNDB-2016-008501 // BID: 97932 // VULHUB: VHN-95188

AFFECTED PRODUCTS

vendor:ciscomodel:secure firewall management centerscope:eqversion:6.0.0.0

Trust: 1.0

vendor:ciscomodel:secure firewall management centerscope:eqversion:6.0.0.1

Trust: 1.0

vendor:ciscomodel:secure firewall management centerscope:eqversion:6.0.1

Trust: 1.0

vendor:ciscomodel:secure firewall management centerscope:eqversion:6.0.0

Trust: 1.0

vendor:ciscomodel:firepower management centerscope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower management centerscope:eqversion:6.0.0.0

Trust: 0.6

vendor:ciscomodel:firepower management centerscope:eqversion:6.0.0.1

Trust: 0.6

vendor:ciscomodel:firepower management centerscope:eqversion:6.0.0

Trust: 0.6

vendor:ciscomodel:firepower management centerscope:eqversion:6.0.1

Trust: 0.6

vendor:ciscomodel:virtual next-generation intrusion prevention systemscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:sourcefire 3d system appliancesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:industrial security appliancescope:eqversion:30000

Trust: 0.3

vendor:ciscomodel:firepower threat defense for integrated services routersscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:firepower system softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:firepower series security appliancesscope:eqversion:93000

Trust: 0.3

vendor:ciscomodel:firepower series appliancesscope:eqversion:80000

Trust: 0.3

vendor:ciscomodel:firepower series appliancesscope:eqversion:70000

Trust: 0.3

vendor:ciscomodel:firepower series security appliancesscope:eqversion:41000

Trust: 0.3

vendor:ciscomodel:advanced malware protection for networks series appliscope:eqversion:80000

Trust: 0.3

vendor:ciscomodel:advanced malware protection for networks series appliscope:eqversion:70000

Trust: 0.3

vendor:ciscomodel:adaptive security appliance series with firepower sscope:eqversion:5500-x0

Trust: 0.3

vendor:ciscomodel:adaptive security appliance series next-generationscope:eqversion:5500-x0

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:neversion:6.1

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:neversion:6.0.1.3

Trust: 0.3

sources: BID: 97932 // JVNDB: JVNDB-2016-008501 // CNNVD: CNNVD-201704-1072 // NVD: CVE-2016-6368

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-6368
value: HIGH

Trust: 1.0

NVD: CVE-2016-6368
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201704-1072
value: MEDIUM

Trust: 0.6

VULHUB: VHN-95188
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-6368
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-95188
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-6368
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-95188 // JVNDB: JVNDB-2016-008501 // CNNVD: CNNVD-201704-1072 // NVD: CVE-2016-6368

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-95188 // JVNDB: JVNDB-2016-008501 // NVD: CVE-2016-6368

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201704-1072

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201704-1072

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-008501

PATCH
title:cisco-sa-20170419-fpsnorturl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-fpsnort
Trust: 0.8
title:Cisco Firepower System Software Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70702
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2016-008501 // 
            
            
            
            CNNVD: CNNVD-201704-1072

EXTERNAL IDS
db:NVDid:CVE-2016-6368
Trust: 2.8
db:BIDid:97932
Trust: 1.4
db:BIDid:98292
Trust: 1.1
db:JVNDBid:JVNDB-2016-008501
Trust: 0.8
db:CNNVDid:CNNVD-201704-1072
Trust: 0.7
db:VULHUBid:VHN-95188
Trust: 0.1
sources:
            
            
            VULHUB: VHN-95188 // 
            
            
            
            BID: 97932 // 
            
            
            
            JVNDB: JVNDB-2016-008501 // 
            
            
            
            CNNVD: CNNVD-201704-1072 // 
            
            
            
            NVD: CVE-2016-6368

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170419-fpsnort
Trust: 2.0
url:http://www.securityfocus.com/bid/97932
Trust: 1.1
url:http://www.securityfocus.com/bid/98292
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6368
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2016-6368
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-95188 // 
            
            
            
            BID: 97932 // 
            
            
            
            JVNDB: JVNDB-2016-008501 // 
            
            
            
            CNNVD: CNNVD-201704-1072 // 
            
            
            
            NVD: CVE-2016-6368

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 97932

SOURCES
db:VULHUBid:VHN-95188
db:BIDid:97932
db:JVNDBid:JVNDB-2016-008501
db:CNNVDid:CNNVD-201704-1072
db:NVDid:CVE-2016-6368

LAST UPDATE DATE
2024-11-27T22:46:13.031000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-95188date:2017-05-06T00:00:00
db:BIDid:97932date:2017-05-02T00:06:00
db:JVNDBid:JVNDB-2016-008501date:2017-05-25T00:00:00
db:CNNVDid:CNNVD-201704-1072date:2017-07-14T00:00:00
db:NVDid:CVE-2016-6368date:2024-11-26T16:09:02.407

SOURCES RELEASE DATE
db:VULHUBid:VHN-95188date:2017-04-20T00:00:00
db:BIDid:97932date:2017-04-19T00:00:00
db:JVNDBid:JVNDB-2016-008501date:2017-05-25T00:00:00
db:CNNVDid:CNNVD-201704-1072date:2017-04-20T00:00:00
db:NVDid:CVE-2016-6368date:2017-04-20T22:59:00.197