FKIE_CVE-2016-6461

Vulnerability from fkie_nvd - Published: 2016-11-19 03:03 - Updated: 2025-04-12 10:46
Severity ?
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
A vulnerability in the HTTP web-based management interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to inject arbitrary XML commands on the affected system. More Information: CSCva38556. Known Affected Releases: 9.1(6.10). Known Fixed Releases: 100.11(0.75) 100.15(0.137) 100.8(40.129) 96.2(0.95) 97.1(0.55) 97.1(12.7) 97.1(6.30).
References
psirt@cisco.comhttp://www.securityfocus.com/bid/94365
psirt@cisco.comhttp://www.securitytracker.com/id/1037306
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asaVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/94365
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1037306
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asaVendor Advisory
Impacted products
Vendor Product Version
cisco adaptive_security_appliance_software 9.1\(7\)4
cisco adaptive_security_appliance_software 9.1\(7\)7
cisco adaptive_security_appliance_software 9.1\(7\)9
cisco adaptive_security_appliance_software 9.1\(7\)11
cisco adaptive_security_appliance_software 9.1\(7\)12
cisco adaptive_security_appliance_software 9.1.6.10
cisco adaptive_security_appliance_software 9.2\(0.0\)
cisco adaptive_security_appliance_software 9.2\(0.104\)
cisco adaptive_security_appliance_software 9.2\(3.1\)
cisco adaptive_security_appliance_software 9.2.1
cisco adaptive_security_appliance_software 9.2.2
cisco adaptive_security_appliance_software 9.2.2.4
cisco adaptive_security_appliance_software 9.2.2.7
cisco adaptive_security_appliance_software 9.2.2.8
cisco adaptive_security_appliance_software 9.2.3
cisco adaptive_security_appliance_software 9.2.3.3
cisco adaptive_security_appliance_software 9.2.3.4
cisco adaptive_security_appliance_software 9.2.4
cisco adaptive_security_appliance_software 9.2.4.4
cisco adaptive_security_appliance_software 9.2.4.8
cisco adaptive_security_appliance_software 9.2.4.10
cisco adaptive_security_appliance_software 9.2.4.13
cisco adaptive_security_appliance_software 9.2.4.14
cisco adaptive_security_appliance_software 9.2.4.16
cisco adaptive_security_appliance_software 9.2.4.17
cisco adaptive_security_appliance_software 9.3\(1.50\)
cisco adaptive_security_appliance_software 9.3\(1.105\)
cisco adaptive_security_appliance_software 9.3\(2.100\)
cisco adaptive_security_appliance_software 9.3\(2.243\)
cisco adaptive_security_appliance_software 9.3.1
cisco adaptive_security_appliance_software 9.3.1.1
cisco adaptive_security_appliance_software 9.3.2
cisco adaptive_security_appliance_software 9.3.2.2
cisco adaptive_security_appliance_software 9.3.3
cisco adaptive_security_appliance_software 9.3.3.1
cisco adaptive_security_appliance_software 9.3.3.2
cisco adaptive_security_appliance_software 9.3.3.5
cisco adaptive_security_appliance_software 9.3.3.6
cisco adaptive_security_appliance_software 9.3.3.9
cisco adaptive_security_appliance_software 9.3.3.10
cisco adaptive_security_appliance_software 9.3.3.11
cisco adaptive_security_appliance_software 9.3.5
cisco adaptive_security_appliance_software 9.4.0.115
cisco adaptive_security_appliance_software 9.4.1
cisco adaptive_security_appliance_software 9.4.1.1
cisco adaptive_security_appliance_software 9.4.1.2
cisco adaptive_security_appliance_software 9.4.1.3
cisco adaptive_security_appliance_software 9.4.1.5
cisco adaptive_security_appliance_software 9.4.2
cisco adaptive_security_appliance_software 9.4.2.3
cisco adaptive_security_appliance_software 9.4.3
cisco adaptive_security_appliance_software 9.4.3.3
cisco adaptive_security_appliance_software 9.4.3.4
cisco adaptive_security_appliance_software 9.4.3.6
cisco adaptive_security_appliance_software 9.4.3.8
cisco adaptive_security_appliance_software 9.4.3.11
cisco adaptive_security_appliance_software 9.4.3.12
cisco adaptive_security_appliance_software 9.4.4
cisco adaptive_security_appliance_software 9.5.1
cisco adaptive_security_appliance_software 9.5.2
cisco adaptive_security_appliance_software 9.5.2.6
cisco adaptive_security_appliance_software 9.5.2.10
cisco adaptive_security_appliance_software 9.5.2.14
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)4:*:*:*:*:*:*:*",
              "matchCriteriaId": "07BC9E2D-0B86-4A82-8CB4-A31FFBF322CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6887033-E697-47D0-B6E0-61B64E9D3AC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4C1AB6D-F2C5-4726-8792-581E8DCB9EB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEA1216C-903C-469D-8615-ECFB3AA29BC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1\\(7\\)12:*:*:*:*:*:*:*",
              "matchCriteriaId": "0707169B-34B9-4666-8EBD-F5967059D6AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EF48794-2E5D-4BE0-9BB5-49ADE34F4A82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A3A13A9C-5387-4670-8E20-FE878946D091",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.104\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9F7C7DA3-C24B-41BB-BDBE-7DC58EEAC4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(3.1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AFC39DA3-8171-4344-A946-7965873C56F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9C31567-8AEB-49C6-AA60-4150411D62AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA140CB2-C17C-4164-A59A-8585906057BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "468D98A7-92D5-4C01-9EDD-CB44B85EA6BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BAAC9FE-CCF0-4385-B5E9-FC424CD3EFD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C9DEB1C-F9B9-4291-92B5-8EEEADC57E51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "39330218-32FA-42FF-B5CA-288B7D140304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A92D7CED-D036-414B-B9EB-DCAF7F425A7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AAAB02-140D-46F2-A315-5791BF5A853F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EB02DBE-6D60-4D0E-8E9D-7611C3C32748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A2F3C77-89CD-4990-98FA-E896079B6C87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5D03293-9765-46DB-B53D-1B23D5C14373",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0286DAF0-FACA-4F94-82E9-EAED8750DB7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "25E77826-1208-4582-A94C-242B601BD456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD617A59-2A4C-4264-BB5D-0126EF292079",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5B9FC85-13B8-488C-80C4-C29C0E244601",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2E7582A-835E-4A84-B197-EB40EE7985C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.50\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1E044883-9952-477A-B2AA-3E0BB90C96A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.105\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2E26A1B0-D61C-4A25-8E10-02A2E3E7A02B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.100\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6F4A28B7-87A2-464A-92A8-644E3F7D13D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.243\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8D83ED80-972A-4548-9AB0-10F9A23DF749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26D99395-D18D-458E-9880-19B7767F69D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E4CE047-3FEF-4A72-AD06-EC77D71EBCD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED33F68A-9EB0-416A-A0A5-0DF2C349FFEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F7DD812-DC72-4816-8B0F-361C32B2CD2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC41D4CD-D5EA-4678-B3AA-962C7C937118",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "996C9552-5743-4639-A077-5B057605DF21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5779CE0-7691-47DA-902C-4D32D6650C9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C69BE69-7C19-4ED3-98D3-04B1D41E56FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7D12EFD-71D6-480E-97D5-278CCE4A7118",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "56AE55AB-8170-4E3A-AF89-A8F79599901A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B10653A-0E7C-4014-825D-76B5B438D378",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "77642A96-EF7F-4138-97BC-B3793EE0FB52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFE9F46B-DD74-4295-BB6A-9239E29F4416",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.0.115:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8F53875-D589-4C34-B863-67AC9945BED8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8870EB6E-DAE9-45F9-BBA5-2D20E5E00F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B313B0E-4200-427F-A156-1EDA681F439D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8C49821-3BA5-4B44-84F5-113024FD030F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2011F264-53A5-4507-843B-46F66D285ADB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "290AA0BD-EDB0-4BA4-BF85-9CF29A1B7908",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73FB7BAF-7B3E-4091-A90B-FB19B38FFE74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D2DA09B-CFBA-4FDE-A6D0-7C2CF202D72B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BE2EE9B-D44E-430D-8469-1DF0ADC322B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC6B45EB-97BB-4683-9092-95E560B2585F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3AA854-0F4D-4B08-A249-B3C19C056D7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "66E55E46-01F5-4C0D-8A69-1BBC590188BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D96BCCA3-958D-41C4-98CE-1A333F9667A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "245E680B-7A2D-4F98-9D59-6ECF70FE882B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C78E5C3-4D0D-4DFD-AA91-93DD58B195F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F831FD5A-1D54-4DFA-9AED-C3F2CBCE4069",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E29F95F5-6957-46F0-A0A2-CCACBBA14F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D9EFD6D-A657-4102-982D-7634AC25E75E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "59593836-990A-4CF1-AFBC-516C4A318641",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "5479676D-6B3F-4154-B0D4-D2C81E6C941F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F062A64B-7184-49C6-BDF5-8A413B0A85F0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the HTTP web-based management interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to inject arbitrary XML commands on the affected system. More Information: CSCva38556. Known Affected Releases: 9.1(6.10). Known Fixed Releases: 100.11(0.75) 100.15(0.137) 100.8(40.129) 96.2(0.95) 97.1(0.55) 97.1(12.7) 97.1(6.30)."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de gesti\u00f3n basada en web HTTP de el Cisco Adaptive Security Appliance (ASA) podr\u00eda permitir a un atacante remoto no autenticado, inyectar comandos XML arbitrarios en el sistema afectado. M\u00e1s informaci\u00f3n: CSCva38556. Lanzamientos conocidos afectados: 9.1(6.10). Lanzamientos conocidos solucionados 100.11(0.75) 100.15(0.137) 100.8(40.129) 96.2(0.95) 97.1(0.55) 97.1(12.7) 97.1(6.30)."
    }
  ],
  "id": "CVE-2016-6461",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-11-19T03:03:04.570",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/94365"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1037306"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/94365"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1037306"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asa"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.