Vulnerability-Lookup

CVE-2016-1463 (GCVE-0-2016-1463)

Vulnerability from cvelistv5 – Published: 2016-07-28 01:00 – Updated: 2024-08-05 22:55

Summary

Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737.

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

GSD-2016-1463

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737.

Aliases

CVE-2016-1463

Aliases

CVE-2016-1463

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-1463",
    "description": "Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737.",
    "id": "GSD-2016-1463"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-1463"
      ],
      "details": "Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737.",
      "id": "GSD-2016-1463",
      "modified": "2023-12-13T01:21:25.047976Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2016-1463",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1036471",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1036471"
          },
          {
            "name": "92152",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/92152"
          },
          {
            "name": "20160727 Cisco FireSIGHT System Software Snort Rule Bypass Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:6.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:5.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-1463"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20160727 Cisco FireSIGHT System Software Snort Rule Bypass Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight"
            },
            {
              "name": "92152",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/92152"
            },
            {
              "name": "1036471",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1036471"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2017-09-01T01:29Z",
      "publishedDate": "2016-07-28T01:59Z"
    }
  }
}

GHSA-4FJ8-8H7F-8RJG

Vulnerability from github – Published: 2022-05-17 01:21 – Updated: 2022-05-17 01:21

Details

Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737.

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-1463"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-07-28T01:59:00Z",
    "severity": "HIGH"
  },
  "details": "Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737.",
  "id": "GHSA-4fj8-8h7f-8rjg",
  "modified": "2022-05-17T01:21:38Z",
  "published": "2022-05-17T01:21:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1463"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/92152"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1036471"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

VAR-201607-0438

Vulnerability from variot - Updated: 2025-04-13 23:27

Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737. Cisco FireSIGHT system The software includes Snort A vulnerability exists that bypasses the rules. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Cisco FireSIGHT System Software versions 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 are vulnerable. This issue is being tracked by Cisco Bug ID CSCuz20737. Cisco FireSIGHT System Software is a set of management center software of Cisco (Cisco), which supports centralized management of the network security and operation functions of Cisco ASA and Cisco FirePOWER network security devices using FirePOWER Services

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201607-0438",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "firesight system software",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "cisco",
        "version": "5.3.1"
      },
      {
        "model": "firesight system software",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "cisco",
        "version": "6.0.1"
      },
      {
        "model": "firesight system software",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "cisco",
        "version": "5.3.0"
      },
      {
        "model": "firesight system software",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "cisco",
        "version": "5.4.0"
      },
      {
        "model": "firesight system software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "6.0.0"
      },
      {
        "model": "firesight system software",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "6.0"
      },
      {
        "model": "firesight system software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.4"
      },
      {
        "model": "firesight system software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.3"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "92152"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004101"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-997"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1463"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:cisco:firesight_system_software",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004101"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "92152"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-1463",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2016-1463",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-90282",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2016-1463",
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-1463",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2016-1463",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201607-997",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-90282",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90282"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004101"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-997"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1463"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737. Cisco FireSIGHT system The software includes Snort A vulnerability exists that bypasses the rules. \nAn attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. \nCisco FireSIGHT System Software versions 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 are vulnerable. \nThis issue is being tracked by Cisco Bug ID CSCuz20737. Cisco FireSIGHT System Software is a set of management center software of Cisco (Cisco), which supports centralized management of the network security and operation functions of Cisco ASA and Cisco FirePOWER network security devices using FirePOWER Services",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-1463"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004101"
      },
      {
        "db": "BID",
        "id": "92152"
      },
      {
        "db": "VULHUB",
        "id": "VHN-90282"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-1463",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "92152",
        "trust": 1.4
      },
      {
        "db": "SECTRACK",
        "id": "1036471",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004101",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-997",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-90282",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90282"
      },
      {
        "db": "BID",
        "id": "92152"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004101"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-997"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1463"
      }
    ]
  },
  "id": "VAR-201607-0438",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90282"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-13T23:27:25.254000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20160727-firesight",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004101"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90282"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004101"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1463"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160727-firesight"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/92152"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1036471"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1463"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1463"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/c/en/us/products/security/firesight-management-center/index.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90282"
      },
      {
        "db": "BID",
        "id": "92152"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004101"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-997"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1463"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-90282"
      },
      {
        "db": "BID",
        "id": "92152"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004101"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-997"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1463"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-07-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90282"
      },
      {
        "date": "2016-07-27T00:00:00",
        "db": "BID",
        "id": "92152"
      },
      {
        "date": "2016-08-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004101"
      },
      {
        "date": "2016-07-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201607-997"
      },
      {
        "date": "2016-07-28T01:59:43.760000",
        "db": "NVD",
        "id": "CVE-2016-1463"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-09-01T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90282"
      },
      {
        "date": "2016-07-27T00:00:00",
        "db": "BID",
        "id": "92152"
      },
      {
        "date": "2016-08-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004101"
      },
      {
        "date": "2016-07-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201607-997"
      },
      {
        "date": "2025-04-12T10:46:40.837000",
        "db": "NVD",
        "id": "CVE-2016-1463"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-997"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco FireSIGHT system In software  Snort Vulnerabilities that bypass rules",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004101"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-997"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2016-1463

Vulnerability from fkie_nvd - Published: 2016-07-28 01:59 - Updated: 2025-04-12 10:46

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737.

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/92152
psirt@cisco.com	http://www.securitytracker.com/id/1036471
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/92152
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036471

Impacted products

Vendor	Product	Version
cisco	firesight_system_software	5.3.0
cisco	firesight_system_software	5.3.1
cisco	firesight_system_software	5.4.0
cisco	firesight_system_software	6.0.0
cisco	firesight_system_software	6.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1049BCE-4A7B-4636-9090-17724D5AFBA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BEF2B98-243F-4796-A98C-A978C4CCAD91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EB13B96-D431-49BD-ADAB-9AE5DB559935",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D52DB0-4441-41C9-900E-DE917B0CBC91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC5565FE-174C-41C7-9462-9138BB31507D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737."
    },
    {
      "lang": "es",
      "value": "Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0 y 6.0.1 permite a atacantes remotos eludir reglas Snort a trav\u00e9s de par\u00e1metros manipulados en la cabecera de un paquete HTTP, tambi\u00e9n conocido como Bug ID CSCuz20737."
    }
  ],
  "id": "CVE-2016-1463",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-07-28T01:59:43.760",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/92152"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1036471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/92152"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036471"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2016-05660

Vulnerability from cnvd - Published: 2016-07-29

Title

Cisco FireSIGHT System Software Snort规则绕过漏洞

Description

Cisco FireSIGHT System Software是美国思科（Cisco）公司的一套管理中心软件，它支持集中管理采用FirePOWER Services的Cisco ASA和思科FirePOWER网络安全设备的网络安全和运行功能的软件。 Cisco FireSIGHT System Software中存在安全漏洞，该漏洞源于程序未能正确处理HTTP header中的参数。远程攻击者可通过发送特制的HTTP数据包利用该漏洞绕过Snort规则。

Severity

中

Formal description

目前没有详细解决方案提供： http://www.cisco.com/

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1463

Impacted products

Name
['Cisco FireSIGHT System Software 5.3.0', 'Cisco FireSIGHT System Software 6.0.1', 'Cisco FireSIGHT System Software 5.3.1', 'Cisco FireSIGHT System Software 5.4.0', 'Cisco FireSIGHT System Software 6.0']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "92152"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-1463"
    }
  },
  "description": "Cisco FireSIGHT System Software\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u7ba1\u7406\u4e2d\u5fc3\u8f6f\u4ef6\uff0c\u5b83\u652f\u6301\u96c6\u4e2d\u7ba1\u7406\u91c7\u7528FirePOWER Services\u7684Cisco ASA\u548c\u601d\u79d1FirePOWER\u7f51\u7edc\u5b89\u5168\u8bbe\u5907\u7684\u7f51\u7edc\u5b89\u5168\u548c\u8fd0\u884c\u529f\u80fd\u7684\u8f6f\u4ef6\u3002\r\n\r\nCisco FireSIGHT System Software\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u5904\u7406HTTP header\u4e2d\u7684\u53c2\u6570\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684HTTP\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7Snort\u89c4\u5219\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u89e3\u51b3\u65b9\u6848\u63d0\u4f9b\uff1a\r\nhttp://www.cisco.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-05660",
  "openTime": "2016-07-29",
  "products": {
    "product": [
      "Cisco FireSIGHT System Software 5.3.0",
      "Cisco FireSIGHT System Software 6.0.1",
      "Cisco FireSIGHT System Software 5.3.1",
      "Cisco FireSIGHT System Software 5.4.0",
      "Cisco FireSIGHT System Software 6.0"
    ]
  },
  "referenceLink": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight\r\nhttps://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1463",
  "serverity": "\u4e2d",
  "submitTime": "2016-07-28",
  "title": "Cisco FireSIGHT System Software Snort\u89c4\u5219\u7ed5\u8fc7\u6f0f\u6d1e"
}

CERTFR-2016-AVI-255

Vulnerability from certfr_avis - Published: 2016-07-28 - Updated: 2016-07-28

De multiples vulnérabilités ont été corrigées dans les produits Cisco. Elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une injection de code indirecte à distance (XSS).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco Nexus 1000v AVS versions antérieures à 5.2(1)SV3(1.5i) et antérieures à 5.2(1)SV3(1.6)
Cisco	N/A	Cisco Prime Service Catalog version 11.0
Cisco	N/A	Cisco FireSIGHT System Software versions 5.3.0, 5.3.1, 5.4.0, 6.0, et 6.0.1

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-1463 (GCVE-0-2016-1463)

GSD-2016-1463

GHSA-4FJ8-8H7F-8RJG

VAR-201607-0438

FKIE_CVE-2016-1463

CNVD-2016-05660

CERTFR-2016-AVI-255

Solution

Tags

Sightings

Nomenclature